<div>
If you use L3 routing (switches with ip routing) most likely you need default route to forward traffic for destinations that are not in device route map, if you use only L2 traffic (VLANs - no interface VLANs) you don't need default route. 
For default gateway - you need id for traffic that is sourced from switch and need to be forwarded to the other networks. It is L2, the same principle as gateway on any PC host.
</div>

<div>
<a href="http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/routing/configuration_guide/b_rt_152ex_2960-x_cg/b_rt_152ex_2960-x_cg_chapter_010.html#concept_6276EB71A9C04676B87C844AE3C863EF" rel="ugc">2960-X routing configuration</a> 
I was surprised too &nbsp;:)
</div>

<div>
ok then I understand the ip default-gateway , when its the same like on a workstation :-) 
 
by the way with the C2960X you can route...
</div>

<div>
I think, do I need both commands ? 
because I have a smal ping delay on my switches. 
 
lets say I ping a C2960X switch in another building, I have sometimes 20ms 
It differs anytime. 
But when I ping a workstaion connected to this C2960X the ping is always 1ms 
how can this be ? 
has it to do with the ip route cmd ?
</div>

<div>
If your host is attached to switch in the same VLAN where you SVI is ... &nbsp;most of the time ping is 1ms. 
If traffic needs to be forwarded through links and switches all that adds delay, there is no way around it. 
 
and ... probably you need both default gateway and default route if you use routing on switch (not always, but those are separate functionalities).
</div>

<div>
here is my scenario: 
 
with my workstation I am connected to my main switch C4510R. 
The other switch C2960X is connected to this C4510R with 10G fiber OM3. 
When I ping now the switch C2960X I have ping delays of 20ms. 
But it is directly connected.... 
The workstation connected to C2960X, I get ping of always 1ms
</div>

<div>
Not sure about your topology, but even light have speed limits :), there should be some time to signal travel through wires. Also if packet is routed L3 switch and router compare destination against routing table, when match is found packet is forwarded. Packets are rewritten from point to point (CRC is changing etc).. You need to take that into account - every operation creates delay.
</div>

<div>
so you agree, my switches can route traffic, so the cmd 
ip default-gateway is not necessary right ?
</div>

<div>
is it maybe normal when I ping my switch where I am directly connected ?
</div>

<div>
is it maybe normal when I ping my switch where I am directly connected and I have delays like this ? 
 
 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=9ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=5ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=3ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=8ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=4ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=2ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time&lt;1ms TTL=255 
Reply from 10.3.5.6: bytes=32 time=1ms TTL=255
</div>

<div>
Can you take a look on one switch config ? 
Maybe I have some mistakes in it....
</div>

<div>
<pre><code class="code-100 nolinks" id="code-20-41449409-1">!
! No configuration change since last restart
! NVRAM config last updated at 09:52:26 CET Fri Oct 9 2015
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname C2960X-STACK
!
boot-start-marker
boot-end-marker
!
enable secret 5 *****
!
username Administrator secret 5 ******
no aaa new-model
clock timezone CET 1 0
clock summer-time CET recurring last Sun Mar 2:00 last Sun Oct 3:00
switch 1 provision ws-c2960x-48lpd-l
switch 2 provision ws-c2960x-48lpd-l
!
!
!
!
crypto pki trustpoint TP-self-signed-4122994176
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4122994176
 revocation-check none
 rsakeypair TP-self-signed-4122994176
!
!
crypto pki certificate chain TP-self-signed-####
 certificate self-signed 01
#####
 	quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface Port-channel2
 switchport mode access
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet1/0/1
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/17
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/24
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/25
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/26
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/27
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/28
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/29
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/30
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/31
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/32
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/33
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/34
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/35
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/36
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/37
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/38
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/39
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/40
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/41
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/42
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/43
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/44
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/45
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/46
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/47
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/48
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface TenGigabitEthernet1/0/1
 switchport mode access
 channel-group 2 mode active
!
interface TenGigabitEthernet1/0/2
 switchport mode access
!
interface GigabitEthernet2/0/1
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/2
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/3
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/4
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/5
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/6
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/7
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/8
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/9
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/10
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/11
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/12
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/13
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/14
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/15
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/16
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/17
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/18
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/19
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/20
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/21
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/22
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/23
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/24
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/25
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/26
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/27
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/28
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/29
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/30
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/31
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/32
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/33
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/34
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/35
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/36
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/37
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/38
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/39
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/40
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/41
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/42
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/43
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/44
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/45
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/46
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/47
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/48
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet2/0/49
!
interface GigabitEthernet2/0/50
!
interface TenGigabitEthernet2/0/1
 switchport mode access
 channel-group 2 mode active
!
interface TenGigabitEthernet2/0/2
 switchport mode access
!
interface Vlan1
 ip address 100.1.5.7 255.255.248.0
!
ip default-gateway 100.1.0.1
ip http server
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 100.1.0.1
logging trap critical
logging origin-id hostname
logging facility local6
logging host 100.2.1.94
!
snmp-server community ### RO
snmp-server community ### RW
snmp-server location private
snmp-server contact private
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps transceiver all
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps license
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps cluster
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
snmp-server enable traps energywise
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps event-manager
snmp-server enable traps power-ethernet group 1
snmp-server enable traps power-ethernet group 2
snmp-server enable traps power-ethernet police
snmp-server enable traps cpu threshold
snmp-server enable traps rep
snmp-server enable traps vstack
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps stackwise
snmp-server enable traps errdisable
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vlan-membership
snmp-server host 100.2.1.94 public 
!
!
line con 0
line vty 0 4
 password 7 1502020A13253C2F70322C63
 login
line vty 5 15
 password 7 1502020A13253C2F70322C63
 login
!
ntp server 10.2.1.1
end
</code></pre>
</div>

<div>
This is a config of my C2960X stack. 
Here also the ping to VLAN1 has a delay &nbsp;between 2-100ms 
I hope you find something....
</div>

<div>
I took over this config. 
we are using this kind of networks: 
 
Building ONE 
100.1.1.0 /21 for servers 
100.1.3.0 /21 for printers 
100.1.4.0 /21 for clients 
100.1.5.0 /21 for management 
 
Building TWO 
100.2.1.0 /21 for servers 
100.2.3.0 /21 for printers 
100.2.4.0 /21 for clients 
100.2.5.0 /21 for management 
 
Building THREE 
100.3.1.0 /21 for servers 
100.3.3.0 /21 for printers 
100.3.4.0 /21 for clients 
100.3.5.0 /21 for management 
 
The buildings are connected via MPLS Routers. 
I think this is not best solution because all is in one network right ? 
How can I split it up into different vlans ? 
And what kind of routes I have to set on the switches ? 
Or do I install all routes on my firewall ?
</div>

<div>
ok I made some test and it is wise to seperate the network in /24 subnets. 
Do you have any recommendations ?
</div>

<div>
I am I right ? 
 
when I change my vlan1 to: 

<pre><code class="code-1 nolinks" id="code-20-41450390-1">interface Vlan1
 ip address 100.1.5.7 255.255.255.0
</code></pre>
 
then I need a route, because my gateway is: 

<pre><code class="code-1 nolinks" id="code-20-41450390-2">ip default-gateway 100.1.0.1
</code></pre>
 
So my switches need the feature of routing.
</div>

<div>
The IP addresses here in the article are just fictive. They are not real. 
For my network we use a private range. 
 
Thanks a lot for your help and all the recommendations. 
I will start a plan and switch slowly, one segment at a time.
</div>

<div>
<div class="content wysiwyg-content">
Hi Experts, 
 
I have a question to my switch config. 
This is an cisco access switch C2960X connected with fiber to my main switch. 
 
I have seen, on some switches I miss a command : 
 

<pre><code class="code-1 nolinks" id="code-10-28923742-1">ip route 0.0.0.0 0.0.0.0 10.20.30.40
</code></pre>
 
is it alwys needed ? 
When do I need it ? 
 
And what about this command : 

<pre><code class="code-1 nolinks" id="code-10-28923742-2">ip default-gateway 10.20.30.40
</code></pre>
</div>
</div>

Hi Experts,

I have a question to my switch config.
This is an cisco access switch C2960X connected with fiber to my main switch.

I have seen, on some switches I miss a command :

(CODE)

is it alwys needed ?
When do I need it ?

And what about this command :
(CODE)

switch config

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Switches / Hubs

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.