04-13-2010 08:40 AM - edited 03-06-2019 10:35 AM
Hi expert,
The vendor told me that the layer 2 device is for packet switching, not for rounting. I have some questions regarding the "default route" on layer 2 switch. Grateful if expert would enlighten me.
Below please find the config of cisco 2960G switch.
1. what is the different between "ip default-gateway" and "ip route 0.0.0.0 0.0.0.0" on 2960G?
2. if the defaul route is deleted from the 2960G, what will happen?
3. why does vendor configure the default route on the layer 2 switch? what does it aim for?
Thanks
---------- Configuration of 2960G ---------
interface GigabitEthernet0/1
switchport mode access
!
interface GigabitEthernet0/2
switchport mode access
!
interface GigabitEthernet0/12
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/24
description To core layer 3 switch
switchport mode trunk
!
interface Vlan1
ip address 192.168.1.20 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.1.10
---------- end of configuration -------
rdgs
Solved! Go to Solution.
04-13-2010 08:56 AM
Hello Anita,
>>
1. what is the different between "ip default-gateway" and "ip route 0.0.0.0 0.0.0.0" on 2960G?
2. if the defaul route is deleted from the 2960G, what will happen?
3. why does vendor configure the default route on the layer 2 switch? what does it aim for?
1) if ip routing is disabled = no ip routing ip default-gateway is used to provide a default gateway to switch TCP/IP management stack
if ip routing is enabled = ip routing ip default-gateway is ignored, and you need a default static route like ip route 0.0.0.0 0.0.0.0
so if C2960 is l2 only you cannot enable ip routing
2) if no ip default-gateway is defined the device will try to relay on IP proxy ARP: if it is enabled on a device reachable on the management SVI for example vlan 100 you will be able to telnet/ssh from a different IP subnet otherwise this is not possible at all.
3) to reach the device for management purposes : telnet / ssh, SNMP to receive syslog messages
all this is not used for used traffic that is simply switched at L2
the use of a default-gateway minimize ARP activity on switch management stack so it is a good idea.
Hope to help
Giuseppe
04-13-2010 08:58 AM
Anita:
If a device operates only in layer 2, you will not have ip routing enabled. You dont need it even if the device is capable of it because you are not forwarding packets based on the IP address information, but instead on the layer 2 MAC information.
OK, that having been said, on a layer 2 device, you would configure the ip default-gateway command in global configuration mode.
Th purpose of this command is simply to allow remote management traffic to be sent back to the administrator. It has nothing to do with forwarding user traffic at all. Its just for telnet, SSH, etc sessions.
If the layer 2 device does not have the ip default-gateway command configured, it will ARP for the administrator's address. Then, if the router that hosts/terminates the subnet that the switch is supposed to sit on has proxy ARP enabled, it will respond to the switch with its own address and the switch will then have a way back to the administrator.
If the device is routing, then the ip routing command will be entered in global configuration mode and the ip route 0.0.0.0 0.0.0.0 default route command can also be configured. That command DOES effect the forwarding of user traffic. It is an entry in the routing table of the L3 device.
Makes sense?
Victor
04-13-2010 08:56 AM
Hello Anita,
>>
1. what is the different between "ip default-gateway" and "ip route 0.0.0.0 0.0.0.0" on 2960G?
2. if the defaul route is deleted from the 2960G, what will happen?
3. why does vendor configure the default route on the layer 2 switch? what does it aim for?
1) if ip routing is disabled = no ip routing ip default-gateway is used to provide a default gateway to switch TCP/IP management stack
if ip routing is enabled = ip routing ip default-gateway is ignored, and you need a default static route like ip route 0.0.0.0 0.0.0.0
so if C2960 is l2 only you cannot enable ip routing
2) if no ip default-gateway is defined the device will try to relay on IP proxy ARP: if it is enabled on a device reachable on the management SVI for example vlan 100 you will be able to telnet/ssh from a different IP subnet otherwise this is not possible at all.
3) to reach the device for management purposes : telnet / ssh, SNMP to receive syslog messages
all this is not used for used traffic that is simply switched at L2
the use of a default-gateway minimize ARP activity on switch management stack so it is a good idea.
Hope to help
Giuseppe
04-13-2010 09:20 AM
Hi,
If the default-gateway is deleted from the 2960G, the users in all VLANs should not be affected. All LAN traffic would go to trunk cct. The SNMP and router management may not be working properly. Is it correct?
rdgs
04-13-2010 09:28 AM
Correct. The users will not be effected at all.
As for remote management, if proxy ARP is enabled on the router, it, too, will be OK.
HTH
VICTOR
04-13-2010 08:58 AM
Anita:
If a device operates only in layer 2, you will not have ip routing enabled. You dont need it even if the device is capable of it because you are not forwarding packets based on the IP address information, but instead on the layer 2 MAC information.
OK, that having been said, on a layer 2 device, you would configure the ip default-gateway command in global configuration mode.
Th purpose of this command is simply to allow remote management traffic to be sent back to the administrator. It has nothing to do with forwarding user traffic at all. Its just for telnet, SSH, etc sessions.
If the layer 2 device does not have the ip default-gateway command configured, it will ARP for the administrator's address. Then, if the router that hosts/terminates the subnet that the switch is supposed to sit on has proxy ARP enabled, it will respond to the switch with its own address and the switch will then have a way back to the administrator.
If the device is routing, then the ip routing command will be entered in global configuration mode and the ip route 0.0.0.0 0.0.0.0 default route command can also be configured. That command DOES effect the forwarding of user traffic. It is an entry in the routing table of the L3 device.
Makes sense?
Victor
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide