but here it is disabled and still

i can ping the internet ip?

3550SMIB(config)#no ip routing
3550SMIB(config)#end
3550SMIB#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/48/52 ms
3550SMIB#ping 4.2.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/48/52 ms
3550SMIB#sh ip route
Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty
3550SMIB#

how is this working then?

mahesh

Hi,

what is your topology, how are you connected to internet?

Regards.

Hi.

thanks for reply.

Switch B  which we are talking about has connection to Switch A.

HSRP runs between switch A and B.

Switch A  has connection to Router and Router connects to Cable modem.

MY thinking is that as Switch A  has HSRP  active state for VLAN thats how it may be going to internet with ip routing and

ip route 0.0.0 .x.x.  command

thanks

mahesh

Would this be because the default-gateway of the router is defined in the switch?

ip default-gateway x.x.x.x

Or would it be due to proxy arp?

Regards,

Steve

Mahesh

When you enable ip routing on the switch it enables the switch to route between vlans on the loca switch, and to route to remote subnets, assuming that an appropriate default gateway is known. If ip routing is not enabled on the switch then the switch will forward VLAN traffic at layer 2, but any routing between VLANs (and between subnets) must be done on a connected layer 3 device.

When you ping from the switch you are pinging from the management interface of the switch. This has nothing to do with whether the switch has ip routing enabled or not. A ping from the switch management interface to a remote address will work if the switch has a default gateway configured or if the switch does an ARP for the remote address and the layer 3 device has enabled proxy arp.

HTH

Rick

hi richard,

thanks for reply

but in my case this layer 3 switch i can ping outside my network with out ip routing command or ip route command and

also no ip default gateway is configured?

regards

mahesh

Mahesh

I am not sure that I understand your question. But let me give this explanation in hopes that it is close.

Enabling ip routing has to do with whether the switch is able to route between VLANs on the switch ( if an IP packet is received on a port in one VLAN/subnet can the switch forward it out a port in a different VLAN/subnet ? ) When you ping from the switch you are pinging from the management interface. This can work (or not work) independent of whether ip routing is enabled or not. When you ping from the switch management interface to a destination in a remote subnet the switch will look to see if it has a default gateway configured. If a default gateway is configured the switch will forward to the default gateway and the ping will work. If a default gateway is not configured, most of the modern Catalyst switches will ARP for the destination (whether is is in the local subnet or not). If the next hop layer 3 device has proxy arp enabled then the ping from the switch will work.

HTH

Rick

Hi Mahesh,

Can you send over the output of " sh run | i default " from your switch ?

Swati

Hi MAhesh,

A little more explanation to the possible scenario in which the pings to 4.2.2.2 is succeding

from your layer 3 switch:

layer 3 switch------router

when you ping from switch to 4.2.2.2 ,switch do an ARP for 4.2.2.2 ,if proxy ARP is enabled on the router ,it will reply with its own mac address and in this way we would be able to reach out to the internet.

To confirm the same do a " sh ip arp 4.2.2.2 " from the switch and check the mac address from that output .

From thereon go to the router and check its mac ,if the both mac matches that would mean that pings are getting suceesful because of the proxy ARP feature on the router

hi swati ,

i did as per your request

3550SMIB#sh ip arp 4.2.2.2
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  4.2.2.2                96   0000.0c07.ac01  ARPA   Vlan10

3550SMIB#sh mac add
3550SMIB#sh mac address-table add
3550SMIB#sh mac address-table address  0000.0c07.ac01
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0000.0c07.ac01    DYNAMIC     Gi0/2
Total Mac Addresses for this criterion: 1

3550SMIB#sh cdp nei gi0/2
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
3550SMIA         Gig 0/2           123          R S I     WS-C3550- Gig 0/2

3550SMIB#3550SMIA
Trying 3550SMIA (192.168.5.2)... Open

User Access Verification

Username:

Password:
3550SMIA#sh mac add
3550SMIA#sh mac address-table add
3550SMIA#sh mac address-table address 0000.0c07.ac01
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0000.0c07.ac01    STATIC      CPU
Total Mac Addresses for this criterion: 1

so this mac address is of HSRP  config on layer 3 switch A.

Layer 3 switch A ___________________________has connection to Router.

thanks

mahesh

Swati

While I agree that it would be helpful to know whether the switch has a default gateway configured or not, this will not determine whether the switch is able to ping to remote resources. I have seen a number of Catalyst switches that did not have default gateway configured but were still able to ping remote resources.

I tested some of these and found that the Catalyst code (at least for some platforms in fairly recent code versions) will ARP for remote destinations when there is no default gateway configured. And if the layer 3 next hop has proxy arp enabled, then the ping from the switch to a remote address (with no default gateway configured) will be successful.

HTH

Rick

Hi Rick,

many thanks for reply.

how can i check if nei layer 3 switch has proxy arp configured or not?

regards

mahesh

Hi swati ,

here is info u needed

3550SMIB#sh ip route
Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty

3550SMIB#sh ip route 4.2.2.2
Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface

ICMP redirect cache is empty

3550SMIB#sh run | i default
3550SMIB#

3550SMIB#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
3550SMIA         Fas 0/3           163          R S I     WS-C3550- Fas 0/3
3550SMIA         Gig 0/2           159          R S I     WS-C3550- Gig 0/2
3550SMIB#
thanks

mahesh