1345 Views | 0 Helpful | 7 Replies

LAN layer2/layer3 switching/routing Confusion

MMstre
Level 3

I have a customer that is doing a migration. And when we change the default gateway, it causes problems. However, based on my understanding of how L2 and L3 switching and routing work, it should not. I would just like some clarification to my understanding.

The scenario is

There are 2 internet paths, the old and the new. The new will be the default for all devices. The old path is needed for connection to a PPTP server.

Internal addressing is 10.33.20.x, and the PPTP pool addresses are in the same subnet. The PPTP default gateway is the new core switch, which has a default route to the new internet router (10.33.20.250).

The internal IP of the old router is 10.33.20.1, and the new default gateway is 10.33.20.2 (core switch).

My understanding of R/S is this:

When a client makes a connection, it ARPs and receives the address of the old internet router (I'm skipping multiple hops, but let's assume we are directly connected). The frame is then sent from the client with the original source IP/MAC, and the destination public IP of the PPTP server and the router MAC. The router forwards the frame with the original client IP and router MAC, destined to the server internal IP (NAT occurs here) and server MAC. On the return path, the server sends the reply to the IP and MAC it received (the client IP, and the MAC of the router) from its own internal IP/MAC. The router receives this, reverse NATs the server internal IP to the public IP, replaces the server source MAC with the router MAC, swaps the destination MAC with the client MAC, and sends back to the client IP and client original MAC. At this point, the PPTP should set up...

So because the PPTP pool and server IP are on the same subnet, the default gateway should not come into play, especially since the server is responding to the request. 

The server will never initiate the conversation, so it should never have to ARP the new gateway for the public IP, thus getting the new gateway and using that path. It should only need to respond to requests using the destination MAC of the router...

So why does switching the default gateway cause this to fail?

If I change the core switch to default route to the old internet, the PPTP works. But if I default route to the new internet, it fails.

Thoughts???

Any clarification would be greatly appreciated.

Thanks

Mike

Accepted Solution

Nicholas Beard
Level 1

Michael,

A diagram would certainly help us out with your topology here, but I'll try my best at a stab at this... From my understanding you have the following:

An old router on - 10.33.20.1

A new router on - 10.33.20.250

A new core switch - 10.33.20.2

A default route from the new core switch to the new router

A PPTP server with the default gateway of 10.33.20.2

PPTP clients accessing the PPTP server from the internet through the old internet line on 10.33.20.1

Client A connects to PPTP server through the old internet feed (10.33.20.1)

The PPTP server has the default gateway of 10.33.20.2 (new core switch)

The new core switch has a default route to the new router (10.33.20.250)

This would essentially mean the server is attempting to respond to the client's connection through the new default gateway; therefore, the client will never receive the return path traffic.

Hope this helps.

Nick


7 Replies

danabersoch
Level 1

Hi Mike,

I'm struggling to work out exactly where the PPTP server is in relation to the clients trying to access it; a diagram would definitely help.

If the PPTP server is on the web then you will need to accommodate the establishment of the PPTP connection in regards to routing.

As I said, I am unsure of the topology of this scenario, so if you could provide a diagram then that would be perfect.

Aahh, fair play Nicholas, that would seem to be the scenario. Can you confirm, Mike?

If that's the case and you need to keep the default route on the core switch pointing at your new router, then you could configure a policy route on the core switch for the traffic that is from the IP address of the PPTP server, maybe.

Hi All,

Thanks for the replies. Nicholas is very close to the scenario; I apologize for excluding some details.

The PPTP connection actually is established to an external IP, which NATs to an internal IP of the PPTP server (10.33.20.?). So yes, it comes through the old router (internal interface 10.33.20.1) to an inside PPTP server. All default gateways internally point to a new core switch (10.33.20.2), which then points to the new gateway (10.33.20.250). I also missed a detail: the new router isn't a router, it's a firewall. But the topology remains the same.

Everything connects to the core switch. The diagram would be the core switch in the center, with all nodes connected to it. I am sorry I don't have an image to upload at the moment, but here is a rough attempt.

Old router (Ext 63.?.?.?/Internal 10.33.20.1)          Firewall (10.33.20.250)
                                   \                      /
                                    \                    /
                                     \                  /
                                   ----------------------
PPTP server (10.33.20.?) ----------| 6506 (10.33.20.2)  |----------- Network (10.33.20.0)
(NAT'ing 63.??? to 10.33.20.?)     ----------------------

In my understanding of Ethernet communications, why would I need to point the default gateway to the old router?

The PPTP server is responding to the request; shouldn't it use the MAC of the router that the request came in on, and then respond using that as the destination? When the request came in, it came in with the source IP of the client and the source MAC of the router; shouldn't it have stored that binding and responded using that? I am just not sure why the PPTP server's gateway would ever come into play.

Michael,

What you are referring to is a feature called "Proxy ARP" where a device on a given network answers the ARP queries for a network address that is not on that network.

Routers operate at layer 3 and therefore do not forward ARP (layer 2) requests. If a host wants to communicate with another host on a different segment, then it will ARP for the MAC address of its default gateway.

Hope this helps

Thanks

Nick

All,

Here is what I have come to conclude...

The PPTP server, or any device for that matter, does not respond to the MAC, only the IP.

If the IP is on the same subnet, then it maps that IP-MAC in its ARP table.

If the initiating node is on another subnet, it uses the MAC of its default gateway. Now this all stands to reason.

My question was, if a remote node on another subnet came in on another router, why wouldn't it use that router's MAC instead of the default gateway? The only answer I can come up with is that the device maps the MAC of its default gateway and uses that ONLY, any time a remote request comes in. So even if communication is established through another router, the device sees a remote IP and says "OH, send all remote IPs to this MAC (of the default gateway) regardless of where it came from... (not actually caring or paying attention to what MAC it came from)".

Does this sound about right?

Yes that is absolutely correct.

The host will simply compare the destination IP address to its local subnet. If the IP address is not in its local subnet, it knows to send it to its default gateway. If it doesn't have an ARP entry for its local gateway, it will ARP for that IP and NOT the destination IP.

Nick
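The host decision Nick describes (compare the destination to the local subnet; ARP for the destination if local, otherwise for the default gateway, never for the MAC the request arrived from), the asymmetric return path that breaks the PPTP session, and danabersoch's source-based policy-route workaround on the core switch, modelled in Python as an added example that is not part of the thread. The public client address 198.51.100.7 and the server address 10.33.20.50 are constructed placeholders (the thread gives the server only as 10.33.20.?); the policy-route dictionary is a model of the idea, not a Cisco configuration.

```python
"""Model of the thread's return-path problem: an ordinary host picks its
next hop purely from the destination IP and its own default gateway.
Added example; addresses marked 'constructed' are not from the thread."""
from ipaddress import ip_address, ip_network

# Topology as described in the thread (two addresses constructed).
LAN = ip_network("10.33.20.0/24")
OLD_ROUTER = ip_address("10.33.20.1")       # old internet path, NATs the server
CORE_SWITCH = ip_address("10.33.20.2")      # 6506, default gateway for every host
NEW_FIREWALL = ip_address("10.33.20.250")   # new internet path
PPTP_SERVER = ip_address("10.33.20.50")     # constructed stand-in for 10.33.20.?
CLIENT_PUBLIC = ip_address("198.51.100.7")  # constructed remote PPTP client (RFC 5737)


def host_next_hop(local_net, default_gw, dst):
    """Where a host ARPs: the destination itself if it is on the local subnet,
    otherwise the default gateway.  The ingress MAC of the request is never
    an input, which is exactly why the gateway 'comes into play'."""
    dst = ip_address(dst)
    return dst if dst in local_net else default_gw


def core_next_hop(default_route, src, policy=None):
    """Core switch forwarding for a non-local destination.  `policy` maps a
    source IP to a forced next hop (policy-based routing, the workaround
    suggested in the thread); without a match the default route wins."""
    src = ip_address(src)
    if policy and src in policy:
        return policy[src]
    return default_route


def reply_path(ingress_router, core_default, policy=None):
    """Trace the PPTP server's reply toward the remote client and report
    whether it leaves through the router the request arrived on."""
    first_hop = host_next_hop(LAN, CORE_SWITCH, CLIENT_PUBLIC)
    if first_hop == CORE_SWITCH:
        egress = core_next_hop(core_default, PPTP_SERVER, policy)
    else:
        egress = first_hop  # only reachable if the client were on the LAN
    return {
        "server_arps_for": str(first_hop),
        "egress_router": str(egress),
        "symmetric": egress == ingress_router,  # True = reply returns via NAT router
    }


def scenarios():
    """The three cases discussed: core defaults to the firewall (fails),
    core defaults to the old router (works, as Mike observed), and core
    defaults to the firewall with a policy route for the server's source IP."""
    return {
        "default_to_firewall": reply_path(OLD_ROUTER, NEW_FIREWALL),
        "default_to_old_router": reply_path(OLD_ROUTER, OLD_ROUTER),
        "pbr_for_server": reply_path(OLD_ROUTER, NEW_FIREWALL,
                                     policy={PPTP_SERVER: OLD_ROUTER}),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:22s} -> {result}")
```

In the first scenario the server ARPs for 10.33.20.2 and the core sends the reply out through 10.33.20.250, so the old router never sees the return traffic and cannot undo its NAT; only the second and third scenarios return the reply via 10.33.20.1. A real policy route would also have to match only traffic that should go out the old path, otherwise the server loses the new default route for everything else.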
