2950 with no Default-Gateway

Unanswered Question
Oct 5th, 2007
User Badges:

How can a L2 switch with no default-gateway set be accessible from another subnet?? Because one of the switches I have is accessible from a separate subnet, through a router; without it having a default-gateway set on itself?


Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Kevin Dorrell Fri, 10/05/2007 - 06:40
User Badges:
  • Green, 3000 points or more

If there is no default gateway set, then it will ARP for everything, even for addresses that are off its subnet. Your router is responding to these ARP requests as a proxy ARP.


Kevin Dorrell

Luxembourg

mikedelafield Fri, 10/05/2007 - 06:58
User Badges:



I understand it will still ARP but surely the switch should not even be conscious of any network outside its own?


Does that then mean the switch is different in some way to a PC, because when I tried the same with a PC (same subnet, no with gateway) I could not get connectivity out of the subnet?


Secondly, am I to assume it has nothing to do with the supernet of 172.24.0.0/16?


Thanks.

Kevin Dorrell Fri, 10/05/2007 - 07:06
User Badges:
  • Green, 3000 points or more

Yes, it does behave differently from a PC. If you take a router, for example, and do no ip routing and no default gateway, then it will ARP for anything you tell it to ping, even off its subnet.


Kevin Dorrell

Luxembourg


mikedelafield Fri, 10/05/2007 - 07:36
User Badges:

Thanks.

But in this case it is a Switch not a router and I have checked the config on the Router itself and proxy arp is not enabled.


However there is a command IP CGMP which I am not sure about?


Thanks again.

Richard Burts Fri, 10/05/2007 - 07:53
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Michael


Are you saying that proxy arp is not enabled on the router because you do not see any command for it on the router, or do you see that is is explicitly disabled? In most versions of IOS proxy arp is enabled by default and does not show up in the config.


Probably the best way to determine the status of proxy arp is on the router to do show ip interface . This output will have a statement showing whether proxy arp is enabled or disabled.


HTH


Rick

mikedelafield Fri, 10/05/2007 - 08:01
User Badges:

Hi Rick.

Thanks for that.


Show ip interface VLAN1 shows that Proxy ARP is enabled.


So what exactly happens in this case?


The switch chooses to send out an ARP even though it does not have a default-gateway set? Then the router picks this up and does a Proxy ARP?


In this case why did the PC Host I tested not work?

Richard Burts Fri, 10/05/2007 - 09:45
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Michael


Ordinarily we think of ARP as a function on the local LAN (we arp for local destinations and we use the default gateway for remote destinations). But sometimes a device will ARP for a destination that is remote - and the behavior of this switch is one example of that. When a router receives an ARP request for a destination that is remote it checks to see if proxy arp is enabled. If proxy arp is enabled and if the router has a valid route to the remote subnet then the router responds to the ARP request using its own MAC address. If proxy ARP is not enabled then the router does not respond.


That is what happened when you test from the switch. I am not clear about the PC. I thought that your earlier post indicated that the PC worked. Now the post seems to say that the PC did not work. Perhaps you can clarify?


[edit] I just read through the thread again and realize that you are talking about 2 PCs - one with a default gateway that does work and one without a default gateway that does not work. The explanation is that the PC without a default gateway does not ARP for remote destinations while the switch does ARP for remote destinations when it has no default gateway. This is a difference in the way the IP stack is implemented in the PC as compared to the way it is implemented in the switch. The behavior of the PC is more what we expect. But that does not make the switch behavior invalid - just somewhat unexpected. I remember being quite surprised when I discovered that this is what the switch will do with no default gateway.


HTH


Rick

mikedelafield Fri, 10/05/2007 - 06:42
User Badges:

Switch VLAN1 interface.


IP 172.24.28.4

SM 255.255.255.0

GW -not set-


Host PC for access.


IP 172.24.24.4

SM 255.255.255.0

GW 172.24.24.1


The router (172.24.24.1) has an interface in both the 172.24.24.0/24 network and the 172.24.28.0/24 network and is the default gateway for both on 172.24.24.1 and 172.24.28.1, however the Switch does not have a default-gateway set.


For some reason though I can still telnet to the device from my host PC? Any ideas?


I thought it might perhaps have something to do with the supernet of 172.24.0.0/16, however I am not sure. Can someone shed some light on it as I am certain this should not be working?


The switch is not capable of routing, it is a 2950.


I have tried added a PC Host to the 172.24.28.0/24 as well, without a default gateway set and that cannot access the 172.24.24.0 network as expected!! But the switch can!


Strange.

Richard Burts Fri, 10/05/2007 - 06:54
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Michael


Your message is pretty close after the response from Kevin so I am assuming that you had not seen his response when you sent this. I believe that Kevin has correctly identified the explanation as the fact that the switch with no gateway configured will ARP for everything and if the router has proxy arp enabled then the router will respond to the switch arp and this enables communication from the switch to the PC.


HTH


Rick

Actions

This Discussion