[j-nsp] /32 host routes on down interfaces

Richmond, Jeff Jeff.Richmond at frontiercorp.com
Thu Apr 22 15:31:35 EDT 2010 

This has been there for a while, so if it was overlooked it has been ongoing. :)

We ran in to this when migrating from some M20s/M40e's to M320s. Had to remember to deactivate the interface on the old router as it was still showing the /32 side of the connected as active even when the fiber was pulled...

-Jeff

On Apr 22, 2010, at 12:09 PM, Paul Stewart wrote:

> Hey Richard...
> 
> That is an interesting find - my thought would have been the same.  Don't
> install the route OR the host route into the table unless it's active.
> 
> Why would you have a route entry exist to an interface that is down and
> could never pass traffic?  Just my thoughts...
> 
> Would be interesting to hear from JTAC if this was a design "feature" or an
> overlooked "oops"....
> 
> Paul
> 
> 
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Richard A
> Steenbergen
> Sent: April-22-10 3:03 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] /32 host routes on down interfaces
> 
> So I just noticed an interesting behavior which I think is a bad thing, 
> but I want to see what other people think.
> 
> If you take an interface and put an IP route on it, like say:
> 
> interfaces {
>    xe-0/0/0 {
>        unit 0 {
>            family inet {
>                address 1.1.1.1/30;
>            }
>        }
>    }
> }
> 
> And the above interface is DOWN, the 1.1.1.0/30 route is not installed 
> to the routing table like one would expect, but the 1.1.1.1/32 HOST 
> ROUTE is:
> 
> inet.0: 326321 destinations, 3502101 routes (319320 active, 11 holddown,
> 316892 hidden)
> Restart Complete
> + = Active Route, - = Last Active, * = Both
> 
> 1.1.1.1/32         *[Local/0] 00:00:05
>                      Reject
> 
> And if you try to route traffic through the box for 1.1.1.1, it is
> rejected. The same is true even if you admin down the interface with
> "interface xe-0/0/0 disable", it always installs the /32 local route.
> 
> This seems like a bad thing to me. If the interface is down (either link
> or admin) I don't see why you'd need the local route installed in the
> routing table?
> 
> I'm assuming the reason nobody has complained before is it doesn't break
> that much stuff, since the only time most people talk to an interface
> host route is via the directly conected interface. The only reason I
> noticed it at all was we were doing router migrations and pre-staging
> the config on new router ports, so the IP existed on multiple routers 
> but only 1 link would be active at any given moment. And yes I know you 
> can always work around this by deactivating the interface so the IP 
> config doesn't go into the parser at all, I'm just wondering why it 
> would be designed this way in the first place. :)
> 
> -- 
> Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
> GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list