Default Gateway outside of subnet

Discussion in 'Cisco' started by pk, May 21, 2007.

  1. pk

    pk Guest

    If I have 4 disjoint subnets all joined together in one VLAN, can they all
    reference the same default gateway address that is located in one of the
    subnets or do I have to assign the default gateway an address in each of the
    four subnets?
     
    pk, May 21, 2007
    #1

  2. Some operating systems will ARP for the default gateway if it is
    not in the same subnet, but others will not; and even if the OS does
    ARP, there is no certainty that the default gateway will respond
    with something useful.

    The rule of thumb is that the default gateway should be in the same
    subnet as the device itself.
     
    Walter Roberson, May 21, 2007
    #2

  3. > Some operating systems will ARP for the default gateway if it is
    > not in the same subnet, but others will not; and even if the OS does

    Never heard of this. How does that work?




    Arnold
     
    Arnold Nipper, May 21, 2007
    #3
  4. Windows 2000 and later (not sure about earlier).

    If I understand correctly, the ARPs are sent to the all-1's MAC broadcast
    address. If the intended receiver picks it up and replies, then it
    will reply to the MAC address of the sender: this will be received even
    if the sender is in a different subnet than the receiver (the host trying
    to get out.) The host trying to get out then knows the MAC address of
    the default gateway, which is all it needs to route packets through
    that gateway.
     
    Walter Roberson, May 21, 2007
    #4
  5. pk

    Scooby Guest

    Actually, I've heard of this working as well, but this description alone
    doesn't fill in the whole picture for me. Sure, that seems easy enough to
    get the packet out. However, when the packet returns to an IP that the
    router does not have an interface for, what does it do? How does it know to
    send the packet out to the correct mac address instead of just forwarding it
    along to its own next hop route? Perhaps it remembers the info from the
    incoming packet. But, what if the conversation was initiated from a device
    outside the network to one of the devices inside and the arp entry was not
    already there?

    Are you sure you weren't thinking of IRDP? That is a router discovery
    protocol, but I believe that it still requires the router ip to be on the
    local subnet.

    Either way, not a good idea to configure a network like this. To answer the
    original question, yes, the router should have an ip on each individual
    subnet. You can separate these into individual vlans and trunk, or you can
    add secondary addresses to the interface.

    Jim
     
    Scooby, May 21, 2007
    #5
  6. pk

    JF Mezei Guest

    The whole point of a subnet is to let nodes know whom they can talk
    to directly without going through a router. So for a node to be able to
    reach a router directly, that router needs to have an IP in the same
    subnet as that node.

    The proper way to do this is to get your router/gateway to have multiple
    IPs, one in each of the subnets.

    Someone mentioned some hack in some version of Windows. This isn't part
    of a standard, and Microsoft can change or desupport this anytime it wants.
     
    JF Mezei, May 21, 2007
    #6
  7. > Windows 2000 and later (not sure about earlier).
    >
    > If I understand correctly, the ARPs are sent to the all-1's MAC broadcast
    > address.

    That's what you always do. Right? But typically you put an IP address
    into the ARP frame whose MAC address you are looking for. So if you
    don't have any idea what your default gateway looks like, which IP address
    do you put in?

    And even if someone is responding (which eventually will happen when
    someone has proxy ARP turned on) you still are not sure that this device
    is really a default gateway.

    Would be good if you could dig out any document explaining your idea in
    detail.




    Arnold
     
    Arnold Nipper, May 21, 2007
    #7
  8. You can configure static routes on the router that point to the
    interface:

    ip route <subnet> <mask> ethernet0/1

    The only benefit of this over the more normal mechanism of secondary
    addresses is that you don't waste an address for the router.
     
    Barry Margolin, May 22, 2007
    #8
  9. My ISP is actually using the system. I have no deep knowledge how it works.

    My ISP assigns IP through DHCP and for some reason my router is getting:

    Internet IP Address: 212.242.205.253
    Internet Netmask: 255.255.255.0
    Internet Gateway: 212.242.2.149

    Logical sense tells me the above should not work, but it works fine, and
    apparently it is implemented even on the big net.
     
    Bjarke Andersen, May 22, 2007
    #9
  10. pk

    Merv Guest

    Official name: loop0.mxc1-vbgx.ip.cybercity.dk
    IP address: 212.242.2.149

    It looks like your ISP is setting the default gateway to a loopback
    interface (a logical interface) on the ISP's router that terminates
    your link to the ISP.
     
    Merv, May 22, 2007
    #10
  11. pk

    JF Mezei Guest

    Assuming this is true DHCP and there is no PPP/PPPOE involved between
    the user site and ISP router, how would this work ?

    If the gateway router is outside the defined user's subnet, what would
    happen behind the scenes to cause the user's machine to interact with
    the router that is outside its subnet ?


    Or is this a case where the DHCP response might include multiple default
    gateways and deep down, the user's computer would select the one with
    the right IP in the same subnet, while its displays would just show the
    first one ?

    (aka, if the physical router has multiple IP interfaces, one for each
    subnet, they would all be included in the DHCP response and let the user
    computers use the right one).


    With PPPoE/PPP, I understand how it is possible to have 2 IPs that are
    not in the same subnet at each end of the PPP link. A packet that enters
    the PPP segment blindly comes out at the other end no matter what IPs
    are involved and there is no ARP involved.
     
    JF Mezei, May 22, 2007
    #11
  12. Wooops, the router actually runs PPPoA, so I guess I blew that theory.
     
    Bjarke Andersen, May 23, 2007
    #12
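
The checks the thread converges on, as an added example that is not part of the original discussion: a gateway should be on-link and should be one of the router's own addresses (primary or secondary), unless the link is point-to-point (PPP/PPPoE/PPPoA), where no ARP is involved. The 10.x addresses and host names are constructed; the ISP entry uses the values from post #9 with the link type from post #12.

```python
import ipaddress

def audit_gateways(router_addrs, hosts):
    """Return {host name: (status, suggested gateway or None)}.

    router_addrs: "ip/prefix" strings configured on the router's LAN port
                  (primary plus secondaries).
    hosts: dicts with name, ip, mask, gateway and optional point_to_point.
    """
    routers = [ipaddress.ip_interface(a) for a in router_addrs]
    router_ips = {r.ip for r in routers}
    report = {}
    for h in hosts:
        iface = ipaddress.ip_interface(f"{h['ip']}/{h['mask']}")
        gw = ipaddress.ip_address(h["gateway"])
        if h.get("point_to_point"):
            # Everything entering the link comes out at the far end; no ARP.
            report[h["name"]] = ("ok-point-to-point", None)
        elif gw in iface.network:
            # On-link, but a proxy-ARP responder is not necessarily the router.
            ok = gw in router_ips
            report[h["name"]] = ("ok-on-link" if ok else "on-link-not-router", None)
        else:
            # Off-link: the host must ARP outside its own subnet, which only
            # some operating systems do. Suggest the router's address in the
            # host's subnet, if the router has one.
            fix = next((str(r.ip) for r in routers if r.ip in iface.network), None)
            status = "off-link-fixable" if fix else "off-link-router-has-no-address"
            report[h["name"]] = (status, fix)
    return report

# Constructed sample: router has addresses in three of the four subnets.
ROUTER_ADDRS = ["10.1.0.1/24", "10.2.0.1/24", "10.3.0.1/24"]
M = "255.255.255.0"
HOSTS = [
    {"name": "host-a", "ip": "10.1.0.10", "mask": M, "gateway": "10.1.0.1"},
    {"name": "host-b", "ip": "10.2.0.10", "mask": M, "gateway": "10.1.0.1"},
    {"name": "host-c", "ip": "10.4.0.10", "mask": M, "gateway": "10.1.0.1"},
    {"name": "host-d", "ip": "10.3.0.10", "mask": M, "gateway": "10.3.0.254"},
    # Values from post #9; PPPoA per post #12.
    {"name": "isp-cpe", "ip": "212.242.205.253", "mask": M,
     "gateway": "212.242.2.149", "point_to_point": True},
]

if __name__ == "__main__":
    for name, result in audit_gateways(ROUTER_ADDRS, HOSTS).items():
        print(name, *result)
```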