Solved: Home Lab Question

Chris Mickle · ‎07-20-2016

I'm currently making a serious effort to obtain a CCNA R&S cert and I have a question about my home lab that's been kind of bugging me...

I have (2) 1721s and a 2620 that I've been using as hosts to check connectivity when doing router labs in place of PCs until I have a little time to set up a Hyper-V server. The current scenario I am working on involves static routing and VLAN configuration and I am using the previously mentioned routers as host PCs in 3 different VLANs. I have connected this setup to the real internet as well and everything is working fine. All the host "PCs" can ping everything they're supposed to and can't ping anything they're not supposed to. When I attach a real PC to one of the VLANs and configure an IP on the appropriate subnet, everything works fine there too.

The weird part is that the routers I'm using as hosts can ping IP addresses on the real internet without a default gateway. How is that possible??

Just for clarification, I am using the following relevant config parameters on the "PCs."

IP address x.x.x.x x.x.x.x

no ip routing

It's not causing me any problems as I've said everything works fine. It's just annoying me that I don't know how it is possible.

Thanks

mlund · ‎07-21-2016

Hi Chris

Maybe it is proxy arp on r2 that's doing it. Try to disable it.

/Mikael

View solution in original post

Harsha A. · ‎07-20-2016

Hello Chris,

How are the routers connected ?

1721s ---> 2620 and 2620 ---> Internet ?

Did you check for any static routes on either of the routers ?

-Harsha

Chris Mickle · ‎07-20-2016

No. It's 1721's and 2620 connected to different VLANs. There is a trunk interface on the switch and that is connected to 3 sub interfaces on R2. R2 routes traffic to R1 and R1 is connected to the internet gateway. NAT is running on R1. R1 and R2 have static routes configured for all the subnets to allow the traffic to flow. I haven't set up and inter-vlan routing yet.

1721s and 2620------->switch-----dot1q trunk------>R2------>R1------>Internet Gateway

The results of sh ip route on the 1721s and the 2620 all show no entries; not even for the directly connected Ethernet interfaces. I am assuming because of the no ip route config line.

If I configure my laptop with an IP on one of the subnets in any VLAN, I can ping internet address and even browse, but if I remove the gateway IP, it all quits working as expected.

I just don't understand how the 1721s and the 2620 used as hosts could ping internet addresses without a gateway.

mlund · ‎07-21-2016

Hi Chris

Maybe it is proxy arp on r2 that's doing it. Try to disable it.

/Mikael

Chris Mickle · ‎07-21-2016

mlund was absolutely right!

The result of the sh arp command on both 1721s and the 2620 revealed that internet IP addresses that were pinged from that device were associated with the MAC address of the physical interface of R2. After applying no ip proxy-arp on the physical interface and sub-interfaces of R2 and power-cycling the hosts, the pings stop working. They only start working again after applying the ip default-gateway [address of vlan sub-interface on R2] command.

Now the result of sh arp has an entry of the sub-interface IP and MAC address of R2.

So let me see if I understand this...

A ping from "PC1" causes the device to send an ARP request broadcast which is received on the sub-interface on R2 that is associated with that VLAN. R2 knows that the destination network is somewhere on its other interface so it replies to the ARP request with it's own MAC. "PC1" then forwards the ICMP packet to R2 and R2 uses it's routing table to determine where to forward the packet based on the destination IP (in this case R1).

Thanks for the help!