Hey guys, I’m trying to figure out how one of the ways I set up my default route works. I have DHCP enabled on the ether1 interface. This is my WAN port that I have my ISP modem plugged into. If I enable default route, it gives me a 73.xxx.xxx.1 Comcast default gateway and everything works. In the name of messing around, I went into my DHCP and turned off “add default gateway”. I then added a route where the dst address is 0.0.0.0/0 and the gateway is ether1. I was surprised to see that my internet actually works. In fact, it works well, except when I ping something it sometimes has a huge spike like 1000-2000ms, and when I use the 73.xxx.xxx.1 regular default route this doesn’t happen. This is going to sound silly, but besides the random initial ping spikes making it hard for games to select the correct dedicated server, the connection is stable. Is there any way to bypass or eliminate this delay while keeping the routing the way I have set up? This is more just for educational purposes to understand how this is working. Also, in games (FPS’s) it seems to play better. Now, this could be due to the fact that I am having spikes, so it’s giving me more lag compensation than normal or something, but I digress. Thanks in advance!
Did you have the manually added route 0.0.0.0/0 with distance 0? If so, it may be the problem.
Nope, the distance is 1. If I even try to make my own route with a distance of 0 it says it’s invalid.
That is right. You can’t create a manual route with distance 0.
For your observed behavior, there is a simple explanation. Let me give you an example of how the network works when you try to ping, for example, 1.1.1.1.
If you use default route with gateway IP, network works this way:
1) your router sends packet destined to IP 1.1.1.1 but MAC of your gateway (because it is already cached in ARP table)
2) gateway receives the packet and forwards it according to its own routes
3) packet gets forwarded until it reaches target
4) target replies
5) packet gets forwarded back, until it reaches your router
If you use default route without gateway (i.e. with interface, instead of gateway IP), the network behaves slightly differently:
1) your router sends ARP request to find out whether there is any device with IP 1.1.1.1 available via L2 (of course it is not)
2) since the ARP request is L2 broadcast, gateway will most likely answer it (if it has enabled proxy-arp or local-proxy-arp), however any other device on the same L2 segment can answer that!
3) your router sends packet destined to IP 1.1.1.1 but MAC of your gateway
4) gateway receives the packet and forwards it according to its own routes
5) packet gets forwarded until it reaches target
6) target replies
7) packet gets forwarded back, until it reaches your router
See the difference? If you don’t specify a gateway IP, there is an extra ARP request and reply for every IP (unless it is already cached).
Even though you can see this approach (use interface instead of IP as a gateway for default route) advised sometimes around here, I consider it a misconfiguration which has both security and performance consequences.
It also may not work with every ISP - if your ISP does not reply to these ARP requests, the connection will not work at all.
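Editor's added example (not part of the thread or of any poster's message): a small ARP-cache audit that spots the side effect described in the post above, where off-subnet IPs such as 1.1.1.1 appear as ARP entries on the WAN interface, and flags any that were answered by a MAC other than the gateway's. The function name, the table layout and all addresses except 1.1.1.1 are constructed assumptions.

```python
import ipaddress

# Constructed sample data (not from the thread): ARP cache rows as
# (ip, mac, interface), plus the connected subnet of each interface.
SAMPLE_ARP = [
    ("198.51.100.1", "00:11:22:33:44:55", "ether1"),   # gateway, on-link
    ("1.1.1.1",      "00:11:22:33:44:55", "ether1"),   # proxied by the gateway
    ("203.0.113.7",  "00:11:22:33:44:55", "ether1"),   # proxied by the gateway
    ("203.0.113.9",  "66:77:88:99:AA:BB", "ether1"),   # answered by another L2 device
    ("192.168.88.10", "CC:DD:EE:00:11:22", "bridge"),  # LAN host, ignored
]
SAMPLE_CONNECTED = {"ether1": "198.51.100.0/24", "bridge": "192.168.88.0/24"}


def audit_arp(entries, connected, wan_if, gateway_ip):
    """Hypothetical helper: classify ARP entries learned on the WAN interface."""
    net = ipaddress.ip_network(connected[wan_if])
    gw = ipaddress.ip_address(gateway_ip)
    gw_mac, off_link = None, []
    for ip, mac, iface in entries:
        if iface != wan_if:
            continue
        addr, mac = ipaddress.ip_address(ip), mac.lower()
        if addr == gw:
            gw_mac = mac
        elif addr not in net:
            # An off-subnet IP in the ARP cache means the router ARPed for a
            # remote host directly, i.e. an interface-only route is in use.
            off_link.append((ip, mac))
    # Off-link entries not answered by the gateway's MAC came from some other
    # device on the segment. With no gateway entry cached, none can be
    # confirmed, so all of them are reported.
    foreign = [(ip, mac) for ip, mac in off_link if mac != gw_mac]
    return {"gateway_mac": gw_mac, "off_link": off_link, "foreign": foreign}


if __name__ == "__main__":
    report = audit_arp(SAMPLE_ARP, SAMPLE_CONNECTED, "ether1", "198.51.100.1")
    for ip, mac in report["off_link"]:
        tag = "FOREIGN RESPONDER" if (ip, mac) in report["foreign"] else "proxied by gateway"
        print(f"{ip:15} {mac}  {tag}")
```

With a gateway-IP default route the `off_link` list stays empty, because the router only ever resolves the gateway's address on the WAN segment.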
Thank you for the very detailed description! I appreciate it and I understand what you are saying. Are there any options to help this ARP lookup happen quicker? Any way I can optimize it more? In all reality I will just change it back to the actual IP default gateway. I just like learning about this kind of stuff and wanna see if it’s possible to reduce the delay.
Sorry, I am not aware of any possible way to reduce the delay - it depends on the speed of the ISP response.
I tested it on LAN, where I have <1ms latency, and it took >100ms for my CHR to reply with proxied ARP response…
For example, Cisco gives an actual warning about performance impact if a similar setting is detected.
Is there any particular reason why you want to avoid “add default gateway” on your DHCP client? I or someone else might find another way to solve your original trouble…
Thanks for the heads-up, I think I mixed up something with FortiOS again, ha ha
@vecernik87
Thanks. I now know the cause of some of our problems. It’s good to have informative posts like yours, and that’s what keeps me coming back to this forum.
Nope, no reason for me not to just use the default gateway IP. I switched back, this was all just for learning purposes and to broaden my knowledge on why this occurred.
Thanks for the help vecernik87! Mods, feel free to close this post now that it has been resolved or you can keep it visible for anyone that wants to learn about how ARP responses work.