The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.
A concept of ip default-gateway needs to be confirmed
HI Expert, I want to confirm a concept of command ip default-gateway in router or switch. Here is config. and two routers R2 and R3 are connected with each other.
R2:
interface Ethernet1/0
ip address 23.1.1.2 255.255.255.0
half-duplex
R3:
no ip routing
interface Ethernet1/0
ip address 23.1.1.3 255.255.255.0
half-duplex
I tested it and the result is that R2 can still ping R3. My question is why R2 can ping R3 successfully since R3 is in no ip routing mode and did not use the command ip default-gateway ? In another word, how can R3 send the ping packet back to R2 due to R3 configuration ? Thank you
R2:
interface Ethernet1/0
ip address 23.1.1.2 255.255.255.0
half-duplex
R3:
no ip routing
interface Ethernet1/0
ip address 23.1.1.3 255.255.255.0
half-duplex
I tested it and the result is that R2 can still ping R3. My question is why R2 can ping R3 successfully since R3 is in no ip routing mode and did not use the command ip default-gateway ? In another word, how can R3 send the ping packet back to R2 due to R3 configuration ? Thank you
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
as Arnold had pointed out, your devices sit in the same network there is no need for routing. take a look at your network " 23.1.1.3 255.255.255.0 ". the subnet mask states that the network portion is 23.1.1.x. anything in this network can see each other and does not need to be routed. if your other router was 23.1.2.x 255.255.255.0 then you would be concerned with a default gateway and routing.
hope that helps
hope that helps
Thank you for your reply. I think as layer3, ping packet always should go through routing table even if two routers connected with each other directly. I am not sure if the concept is correct
I think the confusion is that you seem to suggest that because one is precluded (routing) all other functionality would fail as well, but that is not the OSI structure. One needs level three to get to the location one does not have direct access.
I.e. Think of it is as a town. As long as two items are in the same town. Level three to the towns, require connecting highways to get from one to the other.
All the OSI model exist independent of whether it is localized to the one town or it is part of the entire world.
In your ping test with and concept analysis would suggest the no ip routing will eliminate all other Functionality.
I.e. Think of it is as a town. As long as two items are in the same town. Level three to the towns, require connecting highways to get from one to the other.
All the OSI model exist independent of whether it is localized to the one town or it is part of the entire world.
In your ping test with and concept analysis would suggest the no ip routing will eliminate all other Functionality.
To confirm a concept of command ip default-gateway in router or switch you need more than just two routers. You need three of them (or two roters and 1 end device). If router has no ip routing issued then it acts as end device, but since it has ip address configured on interface it does not relay on routing since there is no routing - it is relaying on ARP. So, when you are trying to ping devices in the same network range broadcast message will be sent with a question "who has ip x.x.x.x" and if there is device with that ip address it will return "I have ip address x.x.x.x my MAC address is 0000.0000.00xx" from that moment communication between 2 hosts since they are in the same network range is direct with MAC address as host identifier.
But, when you need to go to different network range then you need default gateway. Router before sending packets checks ip address of receiving host against its own ip address and subnet mask and if end result is that ip address is not in the same range - information needs to be encapsulated to be sent to default gateway. L2 header has destination MAC address of default gateway, source MAC address of sender, but L3 address has IP destination address of host that is not default gateway and source IP address of sender. When default gateway checks L3 information it sees that it is not really intended to gateway to receive packet and that packet needs to be forwarded.
By configuring default gateway you define to router, switch or end device - when packet is intended to be sent outside its network scope use MAC address of default gateway when you create frame, that device will know where to forward information.
When packet comes to default gateway next step is - default gateway strips all L2 information and rebuild L2 information with destination MAC address of the next hop and its own MAC address as source address.
So, in your example you need another router to be configured in some other network range to test default gateway concept. Or at least on second router you can configure another interface in different network range (but it needs to be in up up state - so at least here you need end device :) ) and try to ping interface that is not directly attached to the router from which you are pinging without default gateway configured.
But, when you need to go to different network range then you need default gateway. Router before sending packets checks ip address of receiving host against its own ip address and subnet mask and if end result is that ip address is not in the same range - information needs to be encapsulated to be sent to default gateway. L2 header has destination MAC address of default gateway, source MAC address of sender, but L3 address has IP destination address of host that is not default gateway and source IP address of sender. When default gateway checks L3 information it sees that it is not really intended to gateway to receive packet and that packet needs to be forwarded.
By configuring default gateway you define to router, switch or end device - when packet is intended to be sent outside its network scope use MAC address of default gateway when you create frame, that device will know where to forward information.
When packet comes to default gateway next step is - default gateway strips all L2 information and rebuild L2 information with destination MAC address of the next hop and its own MAC address as source address.
So, in your example you need another router to be configured in some other network range to test default gateway concept. Or at least on second router you can configure another interface in different network range (but it needs to be in up up state - so at least here you need end device :) ) and try to ping interface that is not directly attached to the router from which you are pinging without default gateway configured.
The following(config and diagram attached) is what i tested. First time it confirmed default-gateway is unnecessary, but after redid it, it confirmed the default-gateway is necessary for R8 to ping R6. I used gns to do it. it is unstable sometimes. but I believe second test.
here is what think about the issue: I think the issue should be considered like this: If an end router has only one ip address connected with other device, the router cannot be reached by user located in different network unless the router has default route. The default route in the router is like ip default-gateway in the switch that we are talking about. if anyone are interested, it could be pasted and confirm it.
--------------------------
R6#sh run
interface FastEthernet1/0
switchport access vlan 2
no ip address
interface Vlan2
ip address 67.1.1.6 255.255.255.0
no ip proxy-arp
no ip route-cache
--------------------------
R7#sh run
interface FastEthernet1/0
switchport access vlan 2
no ip address
!
interface FastEthernet1/1
no ip address
!
interface Vlan1
ip address 1.1.1.7 255.255.255.0
no ip proxy-arp
!
interface Vlan2
ip address 67.1.1.7 255.255.255.0
no ip proxy-arp
--------------------------
R8#sh run
interface FastEthernet1/0
switchport access vlan 2
no ip address
!
interface Vlan1
ip address 1.1.1.8 255.255.255.0
no ip proxy-arp
!
ip route 0.0.0.0 0.0.0.0 1.1.1.7
!
Capture.PNG
here is what think about the issue: I think the issue should be considered like this: If an end router has only one ip address connected with other device, the router cannot be reached by user located in different network unless the router has default route. The default route in the router is like ip default-gateway in the switch that we are talking about. if anyone are interested, it could be pasted and confirm it.
--------------------------
R6#sh run
interface FastEthernet1/0
switchport access vlan 2
no ip address
interface Vlan2
ip address 67.1.1.6 255.255.255.0
no ip proxy-arp
no ip route-cache
--------------------------
R7#sh run
interface FastEthernet1/0
switchport access vlan 2
no ip address
!
interface FastEthernet1/1
no ip address
!
interface Vlan1
ip address 1.1.1.7 255.255.255.0
no ip proxy-arp
!
interface Vlan2
ip address 67.1.1.7 255.255.255.0
no ip proxy-arp
--------------------------
R8#sh run
interface FastEthernet1/0
switchport access vlan 2
no ip address
!
interface Vlan1
ip address 1.1.1.8 255.255.255.0
no ip proxy-arp
!
ip route 0.0.0.0 0.0.0.0 1.1.1.7
!
Capture.PNG
So, let me simplify this, so concept of default gateway can be easily understood.
Forget about GNS3. On device that you are right now reading this, check your IP address and configure IP static address with the same details as it is configured now, but leave default gateway field empty. As for this part
So, you can remove default route (although you don't have to) in your example and add more specific route
ip route 67.1.1.0 255.255.255.0 1.1.1.7
and everything will still work since there is a matching route for packets for 67.1.1.0/24 network.
Forget about GNS3. On device that you are right now reading this, check your IP address and configure IP static address with the same details as it is configured now, but leave default gateway field empty. As for this part
here is what think about the issue: I think the issue should be considered like this: If an end router has only one ip address connected with other device, the router cannot be reached by user located in different network unless the router has default route. The default route in the router is like ip default-gateway in the switch that we are talking about. if anyone are interested, it could be pasted and confirm it.it is not quite like that. Router must have matching route to send packet to some destination. If there is no matching route in routing table packet is dropped. Default route is only needed if there is no more specific route (default route is matching all packets). That's why it is called Gateway Of Last Resort.
So, you can remove default route (although you don't have to) in your example and add more specific route
ip route 67.1.1.0 255.255.255.0 1.1.1.7
and everything will still work since there is a matching route for packets for 67.1.1.0/24 network.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Hi You are all expert! If you are interested, can you take a look at blow question, Thank you
http://www.experts-exchange.com/questions/28688006/Can-not-change-username-when-I-try-to-login-to-ASA.html
http://www.experts-exchange.com/questions/28688143/Cannot-log-in-to-failover-ASA5555-by-tacacs-username.html
http://www.experts-exchange.com/questions/28688006/Can-not-change-username-when-I-try-to-login-to-ASA.html
http://www.experts-exchange.com/questions/28688143/Cannot-log-in-to-failover-ASA5555-by-tacacs-username.html
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2013 Part … 120 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
The following may help clear it up
https://supportforums.cisco.com/discussion/11085051/about-no-ip-routing-command
The two devices are on the same segment. Their communications are direct between them.