02-08-2008 10:18 AM - edited 03-05-2019 09:02 PM
Im doing some discovery on my network Im currently looking at a 3750 stack. As I know these have layer 3 capabilities, I know that either ip routing has to be turned on..or a default gateway has to be configured for devices to talk to each other and acces the LAN..but I do not see any of this
3750#sh ip route
Default gateway is not set
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
only 1 interface is configured
Vlan1 10.10.10.4
it is connected to a cisco 4506 via a channel group. There are no other IP's configured on the 3750 stack. But the
4506's IP is in the same subnet as the
vlan interface of the stack. (10.10.10.4----4506)
how are the devices getting out with no default gateway or routing on the switch?
Solved! Go to Solution.
02-08-2008 11:09 AM
Richard
I am not quite clear when you ask:
how are the devices getting out with no default gateway or routing on the switch?
whether you are asking about end stations connected to the 3750 or are talking about the 3750 itself. For the end stations the 3750 does not matter (since it does appear to not have enabled ip routing) and it is a question of what is configured on the end stations for their default gateway.
If your question is about the 3750 itself then the situation becomes more interesting. I used to believe that for a layer 2 switch to get to outside resources it MUST have a default-gateway configured. But I have discovered that many of the recent Catalyst switches not having a default-gateway configured will ARP for every destination (including "remote" destinations which should be reached through the default gateway). At that point it is as Edison explains a question of whether proxy arp is enabled. If proxy arp is enabled then there will be successful outside connectivity for a layer 2 switch with no configured default-gateway.
HTH
Rick
02-08-2008 10:29 AM
A device with proxy-arp enabled on that subnet is handling that task.
Proxy-Arp is enabled by default on Cisco L3 interfaces.
You can find out which device is doing that by doing a traceroute from the switch.
HTH,
__
Edison.
02-08-2008 11:09 AM
Richard
I am not quite clear when you ask:
how are the devices getting out with no default gateway or routing on the switch?
whether you are asking about end stations connected to the 3750 or are talking about the 3750 itself. For the end stations the 3750 does not matter (since it does appear to not have enabled ip routing) and it is a question of what is configured on the end stations for their default gateway.
If your question is about the 3750 itself then the situation becomes more interesting. I used to believe that for a layer 2 switch to get to outside resources it MUST have a default-gateway configured. But I have discovered that many of the recent Catalyst switches not having a default-gateway configured will ARP for every destination (including "remote" destinations which should be reached through the default gateway). At that point it is as Edison explains a question of whether proxy arp is enabled. If proxy arp is enabled then there will be successful outside connectivity for a layer 2 switch with no configured default-gateway.
HTH
Rick
02-08-2008 11:30 AM
Even though the 3750 has "L3 Capabilities", it only uses them if you design your network such that it uses them. If you don't tell your PC's to use the switch as their default gateway, the 3750 will only be a L2 switch, which doesn't require any routing or gateway configuration. What is most likely in your setup is your hosts are pointing to the distribution layer switches for their default gateway, and your 3750 stack is just passing the frames between.
The only reason you'd ever use 'ip default-gateway' on the 3750 is if you're using the switch as L2 (ip routing disabled), and you wanted to telnet into the management IP from another VLAN.
02-08-2008 12:13 PM
Hi Rick-
Yes I was talking about the 3750 itself
not having any sort of default gateway
or IP routing configured.
From what Wochanda said-
I should not be able be able to telnet into
the switch unless I am on the same subnet/network as the switch itselfe..
i.e. telnetetting from the distribution switch?
02-08-2008 12:43 PM
> i.e. telnetetting from the distribution switch?
Richard,
I addressed that on my reply :)
Proxy-ARP is doing its thing.
Do a traceroute from the 3750 and see which device is using as the gateway.
__
Edison.
02-08-2008 01:16 PM
3750>trace 192.168.4.5
Type escape sequence to abort.
Tracing the route to 192.168.4.5
1 10.10.10.1 1006 msec 0 msec 0 msec
2 192.168.4.5 0 msec 0 msec 0 msec
3750>
Device ID: 4506-a
Entry address(es):
IP address: 10.10.10.1
since it is routing to the A 4506 we also
have B 4506..which is also connected to
the 3750
What makes it choose the .1 interface to the
A 4506 instead of using the .2 B interface
02-08-2008 01:23 PM
That's the thing with proxy-arp and why it needs to be avoided by hard-coding the default gateway on devices. It's has an unpredictable behavior.
Perhaps .1 is replying faster than .2
__
Edison.
02-08-2008 02:12 PM
By the way, just an FYI...Proxy Arp is enabled by default on all Cisco switches...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide