03-16-2010 02:39 PM - edited 03-06-2019 10:10 AM
I'm wondering about the pros & cons of not using a default-gateway on a Catalyst switch (3750E) being used as an IDF. The switch has an IP, but just for remote management. All L3 interfaces are on the core switch pair (using VRRP .1).
My peer engineer says we should, but I don't really see the benefit. The switch is reachable without issue. Should I add it or not?
Thanks!
03-16-2010 02:54 PM
I've been deploying switches without default-gateway and they are all reachable.
03-16-2010 02:55 PM
Whoopsie! Double posting.
03-16-2010 03:22 PM
Hello,
To minimize ARP activity:
Without an ip default-gateway, the device relies on proxy-ARP enabled on L3 devices to find a way to send traffic to any destination.
It is sure that it should just answer to management workstations and to telnet/SSH sessions, but if someone disables proxy-ARP for security you will not be able to reach them.
I remember a similar case in a network where, after some hardening, there was a connectivity issue.
So I would deploy the ip default-gateway; it costs just a config line.
Hope to help
Giuseppe
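An added example, not part of the original thread: a small Python audit that can be run over saved switch configurations before proxy-ARP is disabled on the L3 devices, flagging switches that have a management IP but no `ip default-gateway`, or a gateway outside the management subnet. The hostnames, addresses and sample configs are constructed, and the status strings are this example's own.

```python
import ipaddress
import re

# Constructed sample configs (not from the thread); addresses are placeholders.
SAMPLE_CONFIGS = {
    "idf-sw1": """\
hostname idf-sw1
interface Vlan10
 ip address 10.10.10.21 255.255.255.0
""",
    "idf-sw2": """\
hostname idf-sw2
interface Vlan10
 ip address 10.10.10.22 255.255.255.0
ip default-gateway 10.10.10.1
""",
    "idf-sw3": """\
hostname idf-sw3
interface Vlan10
 ip address 10.10.10.23 255.255.255.0
ip default-gateway 10.10.20.1
""",
}

# Assumption: L2-only switches (IP routing disabled), where ip default-gateway
# is the setting that applies. A routed switch uses a default route instead.
ADDR_RE = re.compile(r"^[ \t]+ip address (\S+) (\S+)[ \t]*$", re.M)
GW_RE = re.compile(r"^ip default-gateway (\S+)[ \t]*$", re.M)

def audit(config):
    """Return 'ok', 'no-gateway' or 'gateway-off-subnet' for one config."""
    nets = [ipaddress.ip_interface(f"{addr}/{mask}").network
            for addr, mask in ADDR_RE.findall(config)]
    gw = GW_RE.search(config)
    if gw is None:
        # Reachable from other subnets only while proxy-ARP stays enabled upstream.
        return "no-gateway"
    gw_ip = ipaddress.ip_address(gw.group(1))
    if not any(gw_ip in net for net in nets):
        return "gateway-off-subnet"
    return "ok"

def audit_all(configs):
    return {name: audit(text) for name, text in configs.items()}

if __name__ == "__main__":
    for name, status in audit_all(SAMPLE_CONFIGS).items():
        print(f"{name}: {status}")
```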