Re: Why does dhcpd have a routers (plural) option for a subnet?

From: Frank Leonhardt <freebsd-doc_at_fjl.co.uk>
Date: Fri, 27 Sep 2024 09:23:51 UTC
On 2024-09-26 17:04, Doug McIntyre wrote:
> On Thu, Sep 26, 2024 at 03:29:39PM +0100, Frank Leonhardt wrote:
>> This would require the host to rotate on failed gateways. I've always
>> thought this was a sensible and simple idea but networking geeks said 
>> it was
>> a really bad one and router standby protocols were the way to go.
>> 
>> So the next interesting question would be which host stacks would 
>> accept
>> multiple gateways and what would they do with them?
> 
> 
> You have to think back to when this would have been developed.
> 
> The model of NAT didn't exist. IP addresses were unique and globally 
> routable.
> 
> Routers were large devices that weren't entirely stable, mainly to 
> route between multiple networks.
> 
> For a large campus, you probably had a router servicing every building, 
> if not every floor.
> You may have put multiple routers in to talk to different types of 
> networks. Its entirely possible
> that another backup router would eventually lead you back to where you 
> needed to go, perhaps over a
> secondary (ie. slower) link.
> 
> Any host stack should be able to handle routing tables dealing with the 
> original scenario.
> Network Engineers at ISPs do this all the time.
> 
> Now, with NAT being prevelent everywhere, you're going to have to go
> through the device that holds your session table to have NAT work
> back. Most firewalls won't let traffic coming in on the "wrong"
> interface from passing through. Thus, we've collapsed everything down 
> to requiring
> the one gateway router/firewall device.
> 
> This is one of the problems with NAT that old network people complain 
> about.
> NAT solved the Internet IP address limit problem, but with much reduced 
> functionality and resiliency.

Yes, now you mention it, it's obvious a lot of the state information in 
a LHR is indeed down to asymmetric NAT!

Hosts flipping themselves to a backup gateway is break connections and 
cause retries, but so is having someone turn a stalled router off and on 
again, so I've never been convinced that having a spare online waiting, 
without state, is such a bad thing (like DNS servers). I suspect Network 
Engineer's dislike of a quick-and-dirty imperfect solution may be down 
to maintaining their mystique around things like HSRP.

But what DOES FreeBSD (or anything else) do when there are two 0.0.0.0 
in the routing table? It lets you configure two (and it's a PITA to 
delete the wrong one), but whenever I've checked the FM, everything says 
"There is only ever one default gateway, you ignorant peasant!"

-- 
------
25-Sept-24 My apologies to everyone who I appear to have ignored for the 
last few years. A procmail script was misfiling some replies to 
Questions to the wrong folder.