Solved: Need of ip default-gateway command on a lyer 2 switch

padramas · ‎10-21-2007

From my understanding,ip default gateway is used when routing is disabled on the device.

Let us take a scenario where PCs are connected to layer 2 switch which is further connected to a layer 3 device.

Do I need to have ip default g/w command on that switch pointing to layer 3 interface ?

Please help me out in better

understanding of ip default gateway command in switches that operate in layer 2 and scenarios when it is required to configure it.

Richard Burts · ‎10-21-2007

Padmanabhan

Your first point is correct that ip default-gateway is used when ip routing is disabled. This includes layer 2 switches. Perhaps we can clarify this a bit to show that this impacts traffic from the management interface of the switch and does not impact any traffic from the PCs that are attached to the switch. For the PCs attached to the switch they need to communicate with their configured default gateway and are not impacted by whether the switch has a default-gateway configured or not.

I would say that every layer 2 switch SHOULD have a default-gateway configured. But it is not definitely required. There have been several posts in the forum which show that a layer 2 switch configured with no default-gateway can still access remote addresses. They do this because they will ARP for every address - no matter whether it is local or remote they ARP. This can work if the layer 3 device supports proxy arp and in Cisco routers it is enabled by default. But remote access will not work if the layer 3 device does not support proxy arp. So my position is that layer 2 switches should have default-gateway configured so that there is no question about whether they will access remote addresses.

The situations in which it is required to configure default-gateway are situations in which the switch will not arp for remote addresses and situations where the layer 3 device does not enable proxy arp.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎10-21-2007

Padmanabhan

Your first point is correct that ip default-gateway is used when ip routing is disabled. This includes layer 2 switches. Perhaps we can clarify this a bit to show that this impacts traffic from the management interface of the switch and does not impact any traffic from the PCs that are attached to the switch. For the PCs attached to the switch they need to communicate with their configured default gateway and are not impacted by whether the switch has a default-gateway configured or not.

I would say that every layer 2 switch SHOULD have a default-gateway configured. But it is not definitely required. There have been several posts in the forum which show that a layer 2 switch configured with no default-gateway can still access remote addresses. They do this because they will ARP for every address - no matter whether it is local or remote they ARP. This can work if the layer 3 device supports proxy arp and in Cisco routers it is enabled by default. But remote access will not work if the layer 3 device does not support proxy arp. So my position is that layer 2 switches should have default-gateway configured so that there is no question about whether they will access remote addresses.

The situations in which it is required to configure default-gateway are situations in which the switch will not arp for remote addresses and situations where the layer 3 device does not enable proxy arp.

HTH

Rick

HTH

Rick