Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
611
Views
0
Helpful
5
Replies

Not sure what i'm missing. Switch reaching outside network.

cylemmulo1
Level 1
Level 1

‎09-07-2018 08:22 AM - edited ‎03-08-2019 04:06 PM

I'm looking to understand how a certain switch is reaching outside its network.

I've got a switch (2960) in my room office, no ip routing enables, no default-gateway set, no management port. It's assigned let's say 10.0.0.2 /25 on a vlan. That's hooked up to a multiplayer switch to get it out. Now my PC is 10.0.0.200/25. My PC is able to reach it and management, and how is what i'm trying to figure out.

I thought it might be proxy arp, but testing disabling that didn't stop things. It's disabled at the gateway router as well.

One person I talked to said that if it's sitting in the same segment, it would be able to still route out with that multilayer switch. I don't quite understand this though.

Is there something I'm missing? My understanding is that it should just drop that packet when it sees it has no path back, simple as that. Am i be stupid?

 

Labels:
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎09-07-2018 08:38 AM

Hello,

 

in theory, 10.0.0.2/25 should not be able to talk to 10.0.0.200 without a layer 3 device. Can you post the configurations of your switch and your router ?

0 Helpful

cylemmulo1
Level 1
Level 1
In response to Georg Pauwen

‎09-07-2018 08:48 AM - edited ‎09-07-2018 08:58 AM

 

ALL_2960_OFF_23-2#sh run int vlan 2
Building configuration...

Current configuration : 63 bytes
!
interface Vlan2
ip address 192.17.0.30 255.255.255.224
end

ALL_2960_OFF_23-2#sh run int vlan 3002
Building configuration...

Current configuration : 107 bytes
!
interface Vlan3002
description MGMT
ip address 10.0.0.2 255.255.255.128
no ip proxy-arp
end
ALL_2960_OFF_23-2#ping 10.0.0.200
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
ALL_2960_OFF_23-2#ping 192.0.42.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.0.42.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

 

 

 

My router

10.0.0.0/16 is variably subnetted, 11 subnets, 6 masks
C 10.0.0.128/25 is directly connected, Vlan3000

C 10.0.0.0/25 is directly connected, Vlan3002

!
interface Vlan3000
ip address 10.0.0..214 255.255.255.128
end

ALL_3750_SR3#sh run int vlan 3002
Building configuration...

Current configuration : 68 bytes
!
interface Vlan3002
ip address 10.0.0.96 255.255.255.128
end

 

0 Helpful

paul driver
VIP
VIP
In response to cylemmulo1

‎09-07-2018 10:59 AM

Hello

@cylemmulo1 wrote:

My router

10.0.0.0/16 is variably subnetted, 11 subnets, 6 masks
C 10.0.0.128/25 is directly connected, Vlan3000

C 10.0.0.0/25 is directly connected, Vlan3002

!
interface Vlan3000
ip address 10.0.0..214 255.255.255.128
end


Can you post the full configuration of the rtr


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

cylemmulo1
Level 1
Level 1
In response to paul driver

‎09-07-2018 12:01 PM

Hi sorry for the delay. So, the full router config I cannot due to security here and what is on it. I meant to grab more but I believe I did figure it out.

 

It appears to be proxy arp. I didn't think it would propagate that easily, and the reason I didn't see it was because proxy arp doesn't seem to work perfectly. I had to tracert where the traffic was trying to send the traffic to (try to proxy arp from i guess), then create the route there.  Sometimes it wouldn't take the summarized route, and sometimes it wouldn't switch over to the place with redirects configured. But after testing with a new subnet it appears to be it. I'm just not sure how I've never ran into that

 

0 Helpful

cylemmulo1
Level 1
Level 1
In response to Georg Pauwen

‎09-07-2018 09:08 AM

Sadly somehow my reply was removed for some reason.

 

 

Does this help? 

 

ALL_2960_OFF_23-2#sh ip route Default gateway is not set

Host Gateway Last Use Total Uses Interface

ICMP redirect cache is empty

Total cdp entries displayed : 1

ALL_2960_OFF_23-2#show ip int brief

Interface IP-Address

Vlan2 192.17.0.30

Vlan3002 10.0.0.2

ALL_2960_OFF_23-2#sh run int vlan 2

Building configuration...

interface Vlan2

ip address 192.17.0.30 255.255.255.224

ALL_2960_OFF_23-2#sh run int vlan 3002

interface Vlan3002

description MGMT

ip address 10.0.0.2 255.255.255.128

no ip proxy-arp

ALL_2960_OFF_23-2#ping 10.0.0.200 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.200, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms ALL_2960_OFF_23-2#ping 192.0.42.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.0.42.3, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card