ok, I may be missing something simple, but I have 2 3550's no ip routes, no default gateway set, no dns servers set, yet I can ping outside addresses, traceroute to them and resolve names miraculously, any ideas where these default routes might be coming from
ip address 10.20.30.21 255.255.255.0
ip address 10.20.39.12 255.255.255.0
ip http server
line con 0
line vty 0 4
password 7 070A20581D0C1C09
line vty 5 15
password 7 02050D480809
ussw01#sho ip route
Default gateway is not set
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
Type escape sequence to abort.
Tracing the route to vnsc-pri.sys.gtei.net (22.214.171.124)
1 10.20.30.2 0 msec 0 msec 0 msec
2 10.125.48.1 33 msec 33 msec 17 msec
3 653230hfc242.tampabay.res.rr.com (126.96.36.199) 25 msec 26 msec 50 msec
4 ge1-2-0.tampfledc-rtr3.tampflrdc.rr.com (188.8.131.52) 17 msec 17 msec 50 mse
5 te-3-1.car2.Tampa1.Level3.net (184.108.40.206) 143 msec 92 msec 51 msec
6 vnsc-pri.sys.gtei.net (220.127.116.11) 58 msec 42 msec 34 msec
My guess is that this device is broadcasting an ARP request for a default gateway when you run the trace. Since it is in the same vlan as the next hop, 10.20.30.2, the next hop receives the request and responds, since it has proxy-arp enabled.
This device forwards to the next hop, the next hop routes the packet to its next hop - and so on, and then, on the return trip, the next hop does a L2 forwarding to this device, since they are on the same vlan.
This is my guess...
heres my problem with that, since 18.104.22.168 is on a differnet subnet, he doesn't arp for 22.214.171.124, he should arp for 10.20.30.2, but how does he know that 10.20.30.2 is his default gateway, proxy arp is usually when you have varied subnet mask and the host arps and the router forwards the arp request, in this case i don't think an arp request for 126.96.36.199 would be answered by anyone even if it was proxied.
Then you have two choices:
1.) Turn on some debugging and see what the switch is doing when you execute a trace.
2.) Call a priest to perform an Exorcism on your switch because it may be possessed by a router demon. :-)
I'm a bit crazy right now.(grin) Is this lab environment? Would you please do "ping 188.8.131.52" and "debug ip packet detail"?
I just want to see which source ip address it is using. If it is something like 10.20.30.X. It should not do ARP for 184.108.40.206. I would see "unroutable" in debug.
its not a lab environment, and you are correct it shouldn't arp for 220.127.116.11, it should arp for 10.20.30.2 as that is the correct default gateway and it is working the problem being is how is it finding out what that default gateway is as it isn't configured, and how is it resolving names in the traceroute as there are no dns servers configured. My problem isnt that something isn't working and should be, it is that it is working and it shouldn't be.
actually i have 2 switches, 10.20.30.21 and .22, correct default gateway is .1 using glbp, and it is sending to .2 and .3. they are both working in this manner, there are no default routes, no ip routes, no dns servers, yet I can ping remotely, reach them from remote subnets and ping by name. Go figure.
Translating "www.cisco.com"...domain server (255.255.255.255) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 18.104.22.168, timeout is 2 seconds:
Success rate is 0 percent (0/5)
no where in the config is a dns server configured, so how is it resolving?
I thought that would be an "ip domain lookup " command is on. It's using 255.255.255.255.
However I'm waiting for "ping 22.214.171.124" and "debug ip packet detail".
cant do that in middle of day, but it should show me sending the packet to the virtual mac of my glbp routers, and if i do a sho ip arp that is what it has for all external addresses
Internet 126.96.36.199 54 0007.b400.0101 ARPA Vlan30
Internet 10.20.34.10 229 0007.b400.0101 ARPA Vlan30
Internet 10.91.30.7 84 0007.b400.0101 ARPA Vlan30
Internet 10.20.36.186 25 0007.b400.0101 ARPA Vlan30
Internet 188.8.131.52 8 0007.b400.0101 ARPA Vlan30
Internet 10.20.36.184 90 0007.b400.0101 ARPA Vlan30
Internet 10.20.36.183 172 0007.b400.0101 ARPA Vlan30
Internet 10.20.36.168 156 0007.b400.0101 ARPA Vlan30
Why it sent to one of gblp routers. How can it request that mac-address,0007.b400.0101 if it didn't configure the default-gateway. Properly be 10.20.30.1.
I will open TAC case for Victor.
Victor, Are you there? (grin)
Do you think reloading C3550 will solve this issue? (grin)
Don't forget to post the output I asked for If you're available to do that.
Hey, now that I got the 2 of you guys here, check this out for a sec:
I have a switch access port configured for switchport voice vlan 580.
Then I have the SVI for 580.
Then I plug the laptop into the switchport and try to PING SVI. Doesnt work.
When I remove the voice vlan command and make it a regular data vlan (switchport access vlan 580), it works.
Im wondering why. Have you encountered this before?
Taking a guess, I would think that the voice vlan command lets the switchport expect a voice packet with voice signalling information in the header. When it doesnt see that, it just kills the packet.
IS that what you think is happening?
i think that your laptop isn't sending cdp so switchport doesnt' recognize a cisco phone on the end so doesnt use voice vlan.
My turn, I think that switch is waiting for tagged packets and then untag it before sending it out to SVI(voice). Your pc can tag packets. NO! Voice Vlan? That's why IP-Phone has to do some with the packets to separate data(untagged) vlan and voice vlan.
the way that the switch determines to use the voice vlan is that it recognizes a cisco ip phone via cdp, no phone, no voice vlan. yes your pc can tag packets, but unless the switch sees an ip phone plugged in via cdp it wont use the voice vlan and the port will stay and access port.
Please correct me if I'm wrong. I used to do the following commands with Avaya IP phone. Well, Don't get me wrong. I indeed love cisco ip phone.
switchport mode access
switchport access vlan 100
switchport voice vlan 300
Well,Avaya will not know about cdp. What it does is that it will tag voice packets and leave data traffic as untag and send them to the switch.
I got nothing from cdp but interface is up and works like a charm. I think that CDP is pretty cool for cisco ip phone. IP-Phone will learn about you already configured. That's cool. Avaya engineer(not me(grin)) has to manually configure voice vlan on the avaya phone itself to tell it. Part of data traffic will depend on what we configured at the port because they are coming with untagged packets.
I was under the impression that the cisco switch wouldn't use the voice vlan unless it saw a phone via cdp, but the avaya gets its voice vlan via manual config or dhcp, so maybe as long as the device attached supports q tagging it will work. That would also mean that his laptop would have to have a nic that supported 802.1q tagging otherwise would be put in data vlan. I am verifying about the switchport
Off topic, My country many customers use Avaya and Nortel. What about yours? and how are you doing? (grin)
yes a lot use avaya and nortel and my issue is resolved. proxy arp was enabling the routing and the ip domain lookup to the 255.255.255.255 was resolving the names.
That's great. But I'm a bit confused. I'm not sure that why the switches do ARP for 184.108.40.206. Am I missing something?
"proxy arp was enabling the routing"
Ehem...seems like someone suggested that at the beginning of this thread. Gee, I wonder who it was. ;-)
I'll take my 5 POINTS now...from BOTH of you...
Thank you...thank you (blowing kisses to an endearing crowd)