From: ccie2be (ccie2be@nyc.rr.com)
Date: Sun Apr 17 2005 - 19:59:13 GMT-3
Brian,
Thank you. Very Good Point.
Would the behavior of the router be any different in your example if the
default keyword weren't there?
If not, in what type of scenario would the default keyword be needed?
IOW, if you just had this:
route-map POLICY permit 10
 set ip next-hop 1.2.3.4
 set ip next-hop verify-availability
I can't see any difference between using or not using the default keyword.
If there is a difference, could you point it out to me?
TIA, Tim
-----Original Message-----
From: Brian McGahan [mailto:bmcgahan@internetworkexpert.com]
Sent: Sunday, April 17, 2005 4:49 PM
To: ccie2be; alsontra; Group Study
Subject: RE: What's the point of this?
Tim,
Keep in mind the context that this is used in, policy routing.
When a policy match does not occur, normal forwarding ensues. So if
your policy reads as follows:
route-map POLICY permit 10
 set ip default next-hop 1.2.3.4
 set ip default next-hop verify-availability
!
interface Ethernet0/0
 ip policy route-map POLICY
This means that all traffic coming in E0/0 will be sent towards
1.2.3.4 if it is available. If it is not available all traffic coming
in E0/0 will be subject to normal forwarding.
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of ccie2be
> Sent: Sunday, April 17, 2005 2:36 PM
> To: 'alsontra'; 'Group Study'
> Subject: RE: What's the point of this?
>
> Alsontra,
>
> I guess the only reason to use the verify-availability option with the set
> ip default next-hop command is to save resource. But, I'm not sure how
> much, if any, resource is actually saved when this option is used.
>
> It appears the router will expend cpu resource with cdp when you use this
> option instead of arping when you don't. And, you might save bandwidth but
> again I don't know how much bandwidth would actually be saved.
>
> Imagine you're using a low bandwidth f/r link. (On a high bandwidth
> ethernet, you probably care if you're sending arp's continuously).
>
> With the verify-avail option, u need to make sure cdp is enabled which it
> might not be depending on the type of f/r int you're using. So, instead of
> sending user traffic packets across the f/r link and having them dropped,
> you're sending cdp frames across the link and dropping the packets
> locally.
>
> So, I think the bottom line is this:
>
> If the default next-hop is NOT available, packet to that next-hop will be
> dropped no matter what.
>
> The only issue left is where those packets get dropped on the router
> checking availability or later.
>
> What do you think? Does this sound right to you?
>
> TIA, Tim
>
> -----Original Message-----
> From: alsontra [mailto:alsontra@hotmail.com]
> Sent: Sunday, April 17, 2005 10:42 AM
> To: 'ccie2be'; 'Group Study'
> Subject: RE: What's the point of this?
>
> Sorry, I'm not sure I understood your question.
>
> >If the preferred next-hop isn't available, the router will check if the
> >DEFAULT is available.
> >If the DEFAULT isn't available, the packet is dropped whether you check if
> >the DEFAULT is available or not. So, what's the point?
>
> I think what this means is you're not going to senselessly send traffic to a
> nexthop that is unavailable. The "verify-availability" option doesn't
> really seem to make a good amount of sense unless you're using it in the
> "set ip next-hop" syntax to make a more granular or discriminatory route-map.
>
> In addition, this may be a feature that reclaims some of the router's
> resources. Note the following:
>
> "If the router is policy routing packets to the next hop and the next hop
> happens to be down, the router will try unsuccessfully to use Address
> Resolution Protocol (ARP) for the next hop (which is down). This behavior
> will continue forever.
>
> To prevent this situation from occurring, use this command to configure the
> router to first verify that the next hops of the route map are the router's
> CDP neighbors before routing to that next hop."
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/iprrp_r/ip2_s1g.htm#wp1038423
>
> In a high traffic environment, this feature may save you some CPU. (if cdp
> is an option)
>
> HTH,
> Al
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of ccie2be
> Sent: Sunday, April 17, 2005 7:03 AM
> To: 'alsontra'; 'Group Study'
> Subject: RE: What's the point of this?
>
> Alsontra,
>
> Thanks for getting back to me.
>
> Although I appreciate your response, it didn't really address my question.
>
> My question was about the command:
>
> set ip DEFAULT next-hop verify-availability
>
> In this command, we're using DEFAULT and verify-availability in the same
> command. In other words, we are telling the router to verify the default
> before we use it. So, what happens when the DEFAULT is not available?
>
> By definition, a DEFAULT is what's used as a last resort. In your example,
> you had a preferred next-hop which would be used if it's available and a
> default next-hop if the preferred next-hop isn't available. That makes
> sense.
>
> Now, what happens when you add this command to your config.
>
> set ip next-hop 1.1.1.1
> set ip next-hop verify-availability
> set ip default next-hop 2.2.2.2
> set ip DEFAULT next-hop verify-availability
>
>
> If the preferred next-hop isn't available, the router will check if the
> DEFAULT is available.
> If the DEFAULT isn't available, the packet is dropped whether you check if
> the DEFAULT is available or not. So, what's the point?
>
> The only difference I can see by verifying if the DEFAULT is available when
> it's not is where the packet is dropped. But, either way the packet is
> dropped.
>
> Maybe that's all there is to that but I would appreciate any comments.
>
> TIA, Tim
>
>
> -----Original Message-----
> From: alsontra [mailto:alsontra@hotmail.com]
> Sent: Saturday, April 16, 2005 1:44 PM
> To: 'ccie2be'; 'Group Study'
> Subject: RE: What's the point of this?
>
>
> Tim,
>
> There are at least two situations that demonstrate the point of this option.
> (at least from my humble perspective.)
>
> #1. Using only policy routing to create a DDR type solution.
>
> set ip next-hop 1.1.1.1
> set ip next-hop verify-availability
> set ip default next-hop 2.2.2.2
>
>
> In this form, the router will policy route all packets to 1.1.1.1 as long as
> the adjacent router or 1.1.1.1 route destination is in the CDP table.
>
> (set ip next-hop verify-availability uses cdp to verify adjacency)
>
> When this route is not verifiable via CDP, all packets will be routed to
> 2.2.2.2... Thereby creating your backup solution.
>
> #2. You can combine policy routing and normal routing to produce a hybrid
> backup situation.
>
> set ip next-hop 1.1.1.1
> set ip next-hop verify-availability
>
> ip route 0.0.0.0 0.0.0.0 2.2.2.2
>
> Once again, if the route to 1.1.1.1 is not verifiable all packets get routed
> to 2.2.2.2. (pls note policy routing happens before normal routing)
>
> (shooting from the hip)
>
> HTH,
> Alsontra
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of ccie2be
> Sent: Friday, April 15, 2005 11:53 AM
> To: Group Study
> Subject: What's the point of this?
>
> Hi guys,
>
> That prior question about conditional redist static got me thinking about
> the verify-availability command.
>
> In the Command Reference I found another command which also uses the
> verify-availability.
>
> set ip default next-hop x.x.x.x
> set ip default next-hop verify-availability
>
> What's the point of this?
>
> Just think about this. If a certain next-hop is the default next-hop that
> means this next-hop should be used if there's no other choice.
>
> But, if there's no other choice, what happens if this default next-hop is
> NOT available?
>
> Doesn't this seem to be a contradiction?
>
> Can someone provide an example where this command should be used and what
> happens if the default next-hop is NOT available?
>
> TIA, Tim
>
>
This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:54:59 GMT-3
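
An added sketch, not part of the thread and not Cisco code: a simplified Python model of the order in which policy routing tries `set ip next-hop`, the routing table, and `set ip default next-hop`. It assumes the documented IOS behavior that the `default` variant applies only when the routing table has no explicit route to the destination; the class, field and function names and the 10.0.0.1 route are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class RouteMapEntry:
    # Field names are made up for this model; each mirrors one IOS set clause.
    next_hops: list = field(default_factory=list)          # set ip next-hop A [B ...]
    verify: bool = False                                   # set ip next-hop verify-availability
    default_next_hops: list = field(default_factory=list)  # set ip default next-hop A [B ...]
    verify_default: bool = False                           # set ip default next-hop verify-availability

def usable(hops, verify, cdp_neighbors):
    """First hop the router would use; with verify, only CDP neighbors qualify."""
    for hop in hops:
        if not verify or hop in cdp_neighbors:
            return hop
    return None

def forward(entry, cdp_neighbors, explicit_route=None, default_route=None):
    """Return (reason, next_hop) for a packet that matched the route-map entry.

    explicit_route: next hop of a specific (non-default) route to the destination.
    default_route:  next hop of 0.0.0.0/0, if one is configured.
    """
    hop = usable(entry.next_hops, entry.verify, cdp_neighbors)
    if hop:                                   # 1. set ip next-hop beats the routing table
        return ("policy", hop)
    if explicit_route:                        # 2. explicit route in the routing table
        return ("routing-table", explicit_route)
    hop = usable(entry.default_next_hops, entry.verify_default, cdp_neighbors)
    if hop:                                   # 3. set ip default next-hop: no explicit route
        return ("policy-default", hop)
    if default_route:                         # 4. ordinary default route
        return ("default-route", default_route)
    return ("drop", None)

# Constructed scenarios using the addresses from the thread.
WITH_DEFAULT = RouteMapEntry(default_next_hops=["1.2.3.4"], verify_default=True)
WITHOUT_DEFAULT = RouteMapEntry(next_hops=["1.2.3.4"], verify=True)
HYBRID = RouteMapEntry(next_hops=["1.1.1.1"], verify=True)

if __name__ == "__main__":
    up = {"1.2.3.4"}  # constructed CDP neighbor table
    print(forward(WITH_DEFAULT, up, explicit_route="10.0.0.1"))
    print(forward(WITHOUT_DEFAULT, up, explicit_route="10.0.0.1"))
    print(forward(HYBRID, set(), default_route="2.2.2.2"))
```

The first two calls differ only in the `default` keyword: with it the explicit route wins, without it the policy next hop wins.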