A common question of anybody configuring a Cisco Multilayer Switch (like 3560, 3750, and others), is the difference between the ip default-gateway and the ip route 0.0.0.0 0.0.0.0 commands.
Before starting, let´s talk a little bit about a Layer 2 Switch only... What is the purpose of an IP Address and Default-Gateway in a machine that speaks only L2 ?! Well... the answer is simple! Management! You assign an IP Address and Default-Gateway to a L2 Switch so you can access it, configure remotely, and so on! That is, the IP Configuration is setted ONLY for Management. It´ll not affect HOW the user traffic is handled or not! L2 will take care about that!
On the other hand in a Multilayer Switch, where you can run Layer 3, you can use IP ROUTE, or Routing Protocols to direct the user traffic to where you want it to go to. In this kind of Switch when you set the command ip route 0.0.0.0 0.0.0.0 <address> the destination address you just configured with this command will be used as a Gateway of last resort. That means, User Traffic and Management Traffic to destinations NOT LISTED in the Routing Table, will be directed to the Gateway of last resort.
When you set your switch to route with IP, you do not need to use the command ip default-gateway . Only when your switch act as a Layer 2 equipment only.
Posts
4 comments:
Thanks for this tidbit!
Had a customer put in a 6500 series, out of the box, behind my managed router, and he only added default-gateway statement.
I knew WHAT was wrong, I just didn't know WHY it was wrong.
Thanks for your explanation.
Hey buddy!
Glad to know that it helped you! Cool!
I´ve already had some issues myself with that, so that´s one of the reasons I blogged about it!
It´s quite simple, but, a bit confusing if you don´t know the "truth" right?! :)
Thanks for your comment man, and let me know if I can help you in anything else!
Have a nice day!
Cheers,
Caue Wailemann
Good post however you got me thinking from a Layer 2 perspective here and you do not need to use the the "ip default-gateway" command in order to mange a switch... The only thing you need to manage a switch is an IP address and subnet mask attached to a VLAN interface like (interface vlan 1). The actual purpose of the "ip default-gateway" command is to allow you to troubleshoot using ICMP, without it you will not be able to ping out from within the switch CLI, however you do not need it to manage a switch...
And now I'm going to change what I wrote because I wasn't thinking properly. You are correct that this setting is also needed for remote management if you are on a different subnet/vlan, I just remembered a time when I didn't set this command on an edge switch and then attempted to telnet from another subnet and it didn't work. So in a purely layer 2 network of machines all on the same subnet you wouldn't need it, however if you are a Cisco guy then your network would indeed have multiple vLAN's and subnets making the ip default-gateway command necessary.
So you were right and I was wrong :)
Post a Comment