From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Sun Apr 17 2005 - 17:48:46 GMT-3
Tim,
Keep in mind the context that this is used in, policy routing.
When a policy match does not occur, normal forwarding ensues. So if
your policy reads as follows:
route-map POLICY permit 10
set ip default next-hop 1.2.3.4
set ip default next-hop verify-availability
!
interface Ethernet0/0
ip policy route-map POLICY
This means that all traffic coming in E0/0 will be sent towards
1.2.3.4 if it is available. If it is not available all traffic coming
in E0/0 will be subject to normal forwarding.
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> ccie2be
> Sent: Sunday, April 17, 2005 2:36 PM
> To: 'alsontra'; 'Group Study'
> Subject: RE: What's the point of this?
>
> Alsontra,
>
> I guess the only reason to use the verify-availability option with the
set
> ip default next-hop command is to save resource. But, I'm not sure
how
> much, if any, resource is actually saved when this option is used.
>
> It appears the router will expend cpu resource with cdp when you use
this
> option instead of arping when you don't. And, you might save
bandwidth
> but
> again I don't know how much bandwidth would actually be saved.
>
> Imagine you're using a low bandwidth f/r link. (On a high bandwidth
> ethernet, you probably care if you're sending arp's continuously).
>
> With the verify-avail option, u need to make sure cdp is enabled which
it
> might not be depending on the type of f/r int you're using. So,
instead of
> sending user traffic packets across the f/r link and having them
dropped,
> you're sending cdp frames across the link and dropping the packets
> locally.
>
> So, I think the bottom line is this:
>
> If the default next-hop is NOT available, packet to that next-hop will
be
> dropped no matter what.
>
> The only issue left is where those packets get dropped on the router
> checking availability or later.
>
> What do you think? Does this sound right to you?
>
> TIA, Tim
>
> -----Original Message-----
> From: alsontra [mailto:alsontra@hotmail.com]
> Sent: Sunday, April 17, 2005 10:42 AM
> To: 'ccie2be'; 'Group Study'
> Subject: RE: What's the point of this?
>
> Sorry, I'm not sure I understood your question.
>
> >If the preferred next-hop isn't available, the router will check if
the
> >DEFAULT is available.
> >If the DEFAULT isn't available, the packet is dropped whether you
check
> if
> >the DEFAULT is available or not. So, what's the point?
>
> I think what this means is your not going to senselessly send traffic
to a
> nexthop that is unavailable. The " verify-availability " option
doesn't
> really seem to make a good amount of sense unless your using it in the
> "set
> ip next-hop " snytax to make a more granular or discriminatory
route-map.
>
> In addition, this may be a feature that reclaims some of the routers
> resources. Note the following:
>
> "If the router is policy routing packets to the next hop and the next
hop
> happens to be down, the router will try unsuccessfully to use Address
> Resolution Protocol (ARP) for the next hop (which is down). This
behavior
> will continue forever.
>
> To prevent this situation from occurring, use this command to
configure
> the
> router to first verify that the next hops of the route map are the
> router's
> CDP neighbors before routing to that next hop. "
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/
ip
> rr
> p_r/ip2_s1g.htm#wp1038423
>
> In a high traffic environment, this feature may save you some CPU. (if
cdp
> is an option)
>
> HTH,
> Al
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> ccie2be
> Sent: Sunday, April 17, 2005 7:03 AM
> To: 'alsontra'; 'Group Study'
> Subject: RE: What's the point of this?
>
> Alsontra,
>
> Thanks for getting back to me.
>
> Although I appreciate your response, it didn't really address my
question.
>
> My question was about the command:
>
> set ip DEFAULT next-hop verify-availability
>
> In this command, we're using DEFAULT and verify-availability in the
same
> command. In other words, we are telling the router to verify the
default
> before we use it. So, what happens when the DEFAULT is not available?
>
> By definition, a DEFAULT is what's used as a last resort. In your
> example,
> you had a preferred next-hop which would be used if it's available and
a
> default next-hop if the preferred next-hop isn't available. That
makes
> sense.
>
> Now, what happens when you add this command to your config.
>
> set ip next-hop 1.1.1.1
> set ip next-hop verify-availability
> set ip default next-hop 2.2.2.2
> set ip DEFAULT next-hop verify-availability
>
>
> If the preferred next-hop isn't available, the router will check if
the
> DEFAULT is available.
> If the DEFAULT isn't available, the packet is dropped whether you
check if
> the DEFAULT is available or not. So, what's the point?
>
> The only difference I can see by verifying if the DEFAULT is available
> when
> it's not is where the packet is dropped. But, either way the packet is
> dropped.
>
> Maybe that's all there is to that but I would appreciate any comments.
>
> TIA, Tim
>
>
> -----Original Message-----
> From: alsontra [mailto:alsontra@hotmail.com]
> Sent: Saturday, April 16, 2005 1:44 PM
> To: 'ccie2be'; 'Group Study'
> Subject: RE: What's the point of this?
>
>
> Tim,
>
> There are at least two situations that demonstrate the point of this
> option.
> (at least from my humble perspective.)
>
> #1. Using only policy routing to create a DDR type solution.
>
> set ip next-hop 1.1.1.1
> set ip next-hop verify-availability
> set ip default next-hop 2.2.2.2
>
>
> In this form, the router will policy route all packets to 1.1.1.1 as
long
> as
> the adjacent router or 1.1.1.1 route destination is in the CDP table.
>
> (set ip next-hop verify-availability uses cdp to verify adjacency)
>
> When this route is not verifiable via CDP, all packets will be routed
to
> 2.2.2.2... Thereby creating your backup solution.
>
> #2. You can combine policy routing and normal routing to produce a
hybrid
> backup situation.
>
> set ip next-hop 1.1.1.1
> set ip next-hop verify-availability
>
> ip route 0.0.0.0 0.0.0.0 2.2.2.2
>
> Once again, if the route to 1.1.1.1 is not verifiable all packets get
> routed
> to 2.2.2.2. (pls note policy routing happens before normal routing)
>
> (shooting from the hip)
>
> HTH,
> Alsontra
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> ccie2be
> Sent: Friday, April 15, 2005 11:53 AM
> To: Group Study
> Subject: What's the point of this?
>
> Hi guys,
>
> That prior question about conditional redist static got me thinking
about
> the verify-availability command.
>
> In the Command Reference I found another command which also uses the
> verify-availability.
>
> set ip default next-hop x.x.x.x
> set ip default next-hop verify-availability
>
> What's the point of this?
>
> Just think about this. If a certain next-hop is the default next-hop
that
> means this next-hop should be used if there's no other choice.
>
> But, if there's no other choice, what happens if this default next-hop
is
> NOT available?
>
> Doesn't this seem to be a contradiction?
>
> Can someone provide an example where this command should be used and
what
> happens if the default next-hop is NOT available?
>
> TIA, Tim
>
>
This archive was generated by hypermail 2.1.4 : Tue May 03 2005 - 07:54:59 GMT-3