Cisco Community
English
Register
Great changes are coming to Cisco Community in July. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
321
Views
0
Helpful
2
Replies
m.deangelo
Beginner
Beginner
‎01-27-2004 11:30 AM
‎01-27-2004 11:30 AM

Stolen Default Gateway IP

Is there any configuration to prevent the potential impact of somebody taking the default gateway IP and configuring it on a device on the same vlan/network. As devices learn of this new default gateway mac there will be traffic that gets black holed.

Labels:
0 Helpful
2 REPLIES 2
gleithner
Beginner
Beginner
‎01-27-2004 01:36 PM
‎01-27-2004 01:36 PM

not that I know of.

If we're talking a new device, you could use 802.1X or mac-security on the switch port.

As for devices already on the vlan, use an OS that can lock out users from the network settings.

As for the affect, it would be gradual unless a large number of pc's fired up at the same time. PC's already using the current default gateway would keep using it, dependent on usage and arp timeouts of course. Should be enough time to jump on the issue before it gets out of hand.

0 Helpful
tbaranski
Enthusiast
Enthusiast
‎01-27-2004 05:04 PM
‎01-27-2004 05:04 PM

Dynamic ARP Inspection was introduced recently to help with this problem: http://www.cisco.com/en/US/products/hw/switches/ps4324/products_configuration_guide_chapter09186a00801cddb9.html

I don't know what other platforms support it.

0 Helpful
Latest Contents
DR and the Type-2 LSA in OSPFv3 versus OSPFv2
Created by Meddane on 06-24-2022 04:35 PM
0
0
0
0
When moving from OSPFv2 to OSPFv3, there are many changes in the format of the LSAs Type, but the most known changes are: IP prefix informations are no longer carried in Type-1 LSA and Type-2 LSA, new LSAs Type 8 and 9 are added to carry these prefixes. L... view more
Preview of the Book OSPF CCIE The Ultimate Ccie Enterprise E...
Created by Meddane on 06-23-2022 08:45 PM
0
0
0
0
Read a preview of my book OSPF The ultimate for CCIE Enterprise and Infrastructure exam in Books Google Doc.   Read a preview of my book OSPF The ultimate for CCIE Enterprise and Infrastructure exam in Books Google Doc #CCIE #Cisco #exam #Enterprise ... view more
Series of 20 OSPF Questions With Concise Answers.
Created by Meddane on 06-21-2022 03:08 AM
0
5
0
5
  Question 1: What are the OSPF Loop Prevention Mechanisms   In single area, the routers have the Link State Database, having the same LSDB helps the routers to build a loop-free topology.   Now in a multiarea topology, the ABRs are respon... view more
Preparing a series of OSPF questions and answers
Created by Meddane on 06-19-2022 05:29 AM
2
5
2
5
Question 1: What are the OSPF Loop Prevention Mechanisms Question 2: Why area 0 is required? Question 3: what is the command to stop Type-7 LSA ? Question 4: How the NSSA ABR translator election occurs? Question 5: How to stop receiving specific subnets I... view more
Why an NSSA ABR does not inject a default route automaticall...
Created by Meddane on 06-18-2022 03:44 AM
0
0
0
0
If an NSSA ASBR originates a default route into the OSPF in order to reach an external domain, the default route is injected as a Type 7 NSSA External LSA.  If at the same time the NSSA ABR connecting that NSSA to Area 0 is generating a default route... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad