Multiple default routes (was: Networking help)
bscott at ntisys.com
bscott at ntisys.com
Sun Dec 15 14:03:30 EST 2002
On Sun, 15 Dec 2002, at 12:45am, gnhlug at sophic.org wrote:
>> Did you read my post? **There is nothing special about a default
>> route.** It is simply a route that matches all packets.
>
> Did you read mine? I never said they weren't... All I said is that
> /historically/, hosts did not play a part in routing around down links.
> Which is true.
Okay... yeah... I see where you're coming from now. I was still thinking
in the context of the question of whether multiple routes to a given
destination was valid or not.. and giving the example of redundant links as,
well, an example.
Just to further propagate the topic drift: Simply having multiple routes
usually doesn't give you redundancy, anyway. You need something (i.e., a
routing daemon) to propagate link-state information as well. Otherwise, the
system will blindly continue trying to route packets via the dead link. :)
>>> route, rather than allowing you to specify what networks can be routed via
>>> that gateway. IMO, this behavior is wrong, unless you know it's what you
>>> want.
>>
>> Why is it wrong?
>
> As I already said in a previous post, it's because if one of the networks
> to which the host is connected does not route anywhere, having a default
> route to that network is dumb.
Two things.
One: Routes do not point to an IP network, they point to a gateway -- a
single host. Routes may be *to* a network, or *to* a host, but they go
*via* a gateway (or an interface, for the directly connected case). I
realize that's what you mean, but it's an important distinction.
Two: A route which specifies an invalid gateway is *always* broken,
regardless of whether it's a default route or not. A route which depends on
a missing Ethernet cable is broken, too. That, to me, seems blindingly
obvious. I do hope that (specifying a gateway that isn't) is not Paul's
problem. :-)
> I've had such networks, and multi-homed hosts on them, in more than one
> place I've worked.
I had one guy specifying 127.0.0.1 as his default gateway once. I've
encountered at least two people who thought that a default gateway always
had to end in ".1". Like I said, there's a great many broken networks out
there.
>>> ... my own experience with pre-2.4 kernels is that while having two
>>> default routes did not always cause problems, it sometimes did. Getting
>>> rid of them fixed the problem.
>>
>> Again: That is more likely an indication that the routing plan at a
>> given site is incomplete.
>
> Without going into detail (because it's largely pointless), I don't think
> that's the case with the problems we had at MCL. Our network was pretty
> simple...
Well, keep in mind that I'm applying the phrase "broken routing plan"
pretty broadly. For instance, you mentioned a firewall in context of the
problems at MCL. I have encountered a great many firewalls which cannot
seem to handle half of what IP explicitly allows. If you're got a firewall
which is employing over-zealous egress filters, for example, that could
easily cause routing problems.
> Supporting multiple default routes is required by RFC 1122.
Since when do implementors read the RFCs? ;-)
> I'm not sure I'd quite consider it "correct" to have extra
> resource-consuming entries that will never be used in any configuration,
> including routing tables...
Well, I suppose, if your configuration associates each gateway with an
interface, and you switch different interfaces on and off, that might
actually be the Right Thing to do after all (this after my complaint about
routing being too strongly associated with interfaces -- see what I meant
about universal statements?).
--
Ben Scott <bscott at ntisys.com>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
More information about the gnhlug-discuss
mailing list