Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Incorrect Default Gateway on a PC but still able to route off net

Hello,

I have a PC on 10.1.2.x /24 with a correct def gatewat of 10.2.1.254. If I change the def gateway on the PC to be, for instance, 10.1.5.254 but leave the IP address of the PC as 10.1.2.x, the PC is still able to ping off net and route out to the Internet. I know it may be basic for some of you experts, but I am curious on how this can happen. I flushed the PC arp tables too.

THanks

Gene

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Incorrect Default Gateway on a PC but still able to route of

Hello Gene,

The routers have a function that is enabled by default that's called "proxy-arp". The PC with the wrong gateway will still ARP to get the MAC address of this IP address. This ARP will be a broadcast at layer-2, so the right default-gateway will see it.

When the router sees this ARP request it thinks: "Mmmm, I know a route to that IP address; even if it's not in the right subnet I'll answer the ARP request with my MAC address". This is called proxy-arp. So the PC will still get the MAC address of the router and everything will work.

This behaviour can be disabled with this command at the interface:

"no ip proxy-arp"

Then the PC with the wrong def gateway will stop working, if you flush the ARP table of course...

Hope this helps,

Patrick

5 REPLIES
New Member

Re: Incorrect Default Gateway on a PC but still able to route of

Sorry, typo...10.1.2.x with a correct def gateway of 10.1.2.254....

Gene

Re: Incorrect Default Gateway on a PC but still able to route of

Take a look at netstat -rn to see if any routes are having around on the PC.

New Member

Re: Incorrect Default Gateway on a PC but still able to route of

Hello Gene,

The routers have a function that is enabled by default that's called "proxy-arp". The PC with the wrong gateway will still ARP to get the MAC address of this IP address. This ARP will be a broadcast at layer-2, so the right default-gateway will see it.

When the router sees this ARP request it thinks: "Mmmm, I know a route to that IP address; even if it's not in the right subnet I'll answer the ARP request with my MAC address". This is called proxy-arp. So the PC will still get the MAC address of the router and everything will work.

This behaviour can be disabled with this command at the interface:

"no ip proxy-arp"

Then the PC with the wrong def gateway will stop working, if you flush the ARP table of course...

Hope this helps,

Patrick

New Member

Re: Incorrect Default Gateway on a PC but still able to route of

Familar with proxy-arp. Had issues with it on by default on a PIX. Was not sure if a 3550 or 3750 had the same feature turned on by default. Actually the PC is plugged into a 3560 which uplinks to a 3550 which uplinks to the 6509. I believe the routing is handled at the 3550, which is probably where the proxy arp is turned on. So, this is probably why and there is no other magic going on. I will check the arp tables as the mac address should be the same for both the wrong def GW and the right def GW.

Thanks

Gene

Purple

Re: Incorrect Default Gateway on a PC but still able to route of

Generally it is recommended to have proxy arp turned off.

554
Views
5
Helpful
5
Replies