Static Route

Unanswered Question
Jun 9th, 2009


I am using a Cisco 857. Most PC's on the LAN are using IP range I have created another network on, and another on

I have added the commands

ip route vlan1

ip route vlan1

From PC's on the 192.168.1.x range, I can ping PC's on the 192.168.20.x range, but cannot ping anything on the 192.168.23.x range.

The network settings on the PC's are the same - both using the router as a gateway - is there anything else that I'm missing?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Tue, 06/09/2009 - 03:54

Hello Nick,

I would use for the static routes the form

ip route

ip route

using the lan outgoing interface means the 857 has to rely on proxy-arp on other device.

if the gateway for net has ip proxy-arp disabled your static route doesn't work (it cannot find the destination MAC address to whom to send the frame)

Hope to help


nickc1976 Wed, 06/17/2009 - 02:30

Thanks Giuseppe,

I don't think I follow though. I only have one router, and all my networks are attached to vlan1, so the router's ARP table should contain all entries for all my networks.

As all my networks are connected to the same router, what should be entered as the ip-next-hop?




The machines will ONLY arp for the address that matches the configured subnet and mask. IF the address does not match, without proxy-arp enabled on the layer 3 device controlling the routing for the other subnets, it will not work.

Even though you have a flat VLAN topology - you still need a layer 3 routing device to handle the routing between the 3 x /24 subnets.


francisco_1 Wed, 06/17/2009 - 02:48


In a routed network directing a static route to an exit broadcast interface without specifying the next-hop address can cause an excessive amount of traffic on the broadcast network, and also might eat up the router's memory. For example, you are pointing both routes out via an exist interface. In a routed enviroment a router will assumes and is directly connected. Therefore, when attempting to route to any address on those subnets, the router sends an ARP request to find the MAC address to which to forward the packet. Each attempt to reach an address on both networks, whether the destination is valid or not, will result in an ARP request, an ARP response if a router on the broadcast network is responding on behalf of the and networks (proxy ARP), and a potentially large ARP cache on the router. By appending the next-hop address to the static route entry, ip route for example, the router no longer assumes that the destination is directly connected. The only ARP traffic is for the next-hop address, which only occurs for the first packet destined to a host on network, rather than for every packet destined to a new host on network

Specify the exit interface and the next-hop address to minimize table lookups associated with finding the exit interface for a specified next-hop address, and to minimize traffic on the broadcast network.

hope that helps.

nickc1976 Wed, 06/17/2009 - 03:21

Thanks for your replies.

I'm sure that proxy-arp is enabled on this router - is there a show command I can use to confirm this?

I'm still confused about what should be my next hop address. Can it be any PC in the network?


You can see if proxy arp is enabled - by the lack of config on the routers lan inteface, if you have no ip proxy-arp configured, then proxy arp is disabled.

If you have a network and your machines have an ip address in that range. If that machine wants to take to then the machine will pass on the traffic to the confiured default gateway - as the .20.x is NOT in the same ip subnet.

If your router has a static route pointing the out an interface - then the router will have to arp for the address, if it does not recevie a reply then the router will drop the packet from the oringinating machine.

The router NEEDS to pass the traffic onto another device that CAN connect to If you do not define a next hop gateway this will never work.

You need to define the static route pointing to another layer 3 device that can route to those ip subnets.

francisco_1 Wed, 06/17/2009 - 03:46

I'm still confused about what should be my next hop address. Can it be any PC in the network?

to decide that we would need to see a network diagram for your network to undestand traffic flow between your network devices. post a diagram if you have one.

The next hop should be a routed device (either a switch doing L3 routing or a router) that can handle routing for the subnets. Can be either directly connected or not...

iyde Thu, 06/18/2009 - 04:24


Are all three subnets directly connected to the 857 router or are the two new subnets sitting behind another router?

If it is the latter then the next-hop is the IP address of this other router's interface connecting it to network.

If it is the former then something in the config of the 857 router must be blocking the network.


Richard Burts Thu, 06/18/2009 - 05:17


If I am understanding correctly that both of the new networks are in the same VLAN with the original network, then I would suggest that static routes are not what you need. What you really need to do is to configure and as secondary addresses on the router interface. When configured as secondary addresses the router will consider them to be directly connected and will route for them without needing any static routes configured.



nickc1976 Mon, 06/22/2009 - 02:01

Hi all, and are directly connected to the router.

I think something else in the network must be denying access, because I can now access the network with the static route command, but not the network. I will try and find out what could be blocking this traffic and post back.



iyde Mon, 06/22/2009 - 20:51


If both networks are directly connected to the router then it's not the static route that helps you. There must be something else that is blocking.

Would it be possible for you to post the config of the router to the forum? This would greatly enhance our possibilities for helping you.


kishan1984 Mon, 06/22/2009 - 20:59

is host from 192.168.20.* & 192.168.30.* series subnet are connected on same switch? what are teh vlan assigned to both ports & what default gateway configured on teh switch where 192.168.30.* series host are connected.


This Discussion