What is DFZ (Default Free Zone)?

In the context of the Internet and BGP routing, DFZ – commonly known as Default Free Zone – refers to the collections of all the public IPv4 BGP prefixes without default route on the global Internet.

I am explaining this topic in deep detail in my Live/Webex “BGP  Zero to Hero” course. Click here for our Special Offer.

Most of the time, you hear full-route or full-Internet-route terms which are the same with Default Free Zone term. Having all BGP routes, which are announced by all the available AS (Autonomous System), on the Internet.

Currently, there are more than 600,000 IPv4 BGP routes and about 30,000 IPv6 routes in the DFZ (Default Free Zone).  These numbers, however, could easily be reduced to 300,000 for IPv4 and less than 20,000 for IPv6 based on the CIDR reports (IPv4 CIDR report and  IPv6 CIDR report).

When you have a BGP connection with the ISP, you can receive only default route, partial route (Customer routes of your ISP), default free zone route (full BGP routing table), DFZ + default routes , DFZ + Customer routes, DFZ+ default route, and DFZ + partial route (Customer routes of your ISP). In sum, you have many options to choose from.

Actually, your preference entirely depends on your BGP policy. For instance, if the network traffic is between your users and the servers inside your ISP or if it is between your users and the servers inside the Customer datacenter of your ISP, you don’t want this traffic to go through the suboptimal path.

Let’s see the below topologies to understand how suboptimal routing is created with the wrong BGP policy.


BGP Path selection with defaulr route

Figure -1 BGP Egress Path Selection with Default Route

In the above figure, the Customer is connected to the two Internet Service Providers, which are linked to the same upstream Service Provider, SP3.

The Customer is receiving only default route, thus increasing the local preference on SP2 BGP connection. The Customer wants to reach network, which is the Customer of SP1.

The connection will be optimal if the Customer reaches network over SP1 link directly. Nonetheless, since the Customer increases the local preference for the default route over SP2 link – for each prefix – only SP2 link is used.

And the traffic flow between the Customer and the network is Customer- SP2 – SP3 – SP1.

Let’s take a look at the topology shown below.

bgp path selection with peering

Figure -2 BGP Egress Path Selection with Default Route and Peering between SPs

In Figure-1 and Figure-2 topology, there is a peering link between the SP1 and SP2. The Customer is still receiving only default route and using BGP local preference 150 (by default 100 on SP1 connection) over SP2. What’s more, the Customer wants to reach network, which is the Customer of SP1.

In this traffic, the flow would be Customer-SP2-SP1.

The peering link between SP1 and SP2 prevents the packets from being sent from SP2 to SP3.

By default, SP2 prefers peering link over upstream link because of cost reduction.

But the traffic flow, from the Customer point of view, is still suboptimal because it is supposed to be directly between the Customer and SP1, not between SP2 and SP1.

Let’s examine the last topology to see whether the partial routing can avoid suboptimal BGP routing.

bgp path selection with partial route

Figure -3 BGP Path Selection with the Default Route + Partial Route

In Figure 3, the partial route is received from the SP1. Everything is the same with topology; besides, only the partial route is added. In real life, you cannot receive only network. To simplify the concept, let’s assume that we are receiving network, including the default route, from SP1.

The Customer still uses BGP Local Preference 150 over SP2 link and BGP Local Preference 100 for the default route. The Customer doesn’t change BGP local preference for the partial routes; rather, the Customer uses BGP Local Preference 100 for the as well.

But since the longest match routing is evaluated and chosen over the local preference, the Customer selects SP1 as the best path for the network. The remaining networks are reached through the SP2.


Receiving DFZ, which is full internet routing table, allows network administrators to have optimal path if there are multiple ISPs or multiple links. Nonetheless, this benefit is not free.

In sum, the more the routes, the more the processing power. BGP routers, which have full internet routing table, requires much more memory and CPU compared to BGP routers which have only the default route or default + partial routes.

But if you have only 1 ISP and 1 link, don’t even bother using BGP. In a word, use only the static route.

2 Replies to “What is DFZ (Default Free Zone)?”

Leave a Reply

Your email address will not be published.