iproute if only using L2

Hi,

I would like to put an example to everyone and see what their thoughts are.

 - configure vlan DATA add ports all untagged
 - configure vlan DATA ipaddress 192.168.0.1 255.255.255.0

Now we have a router attached with Default Gateway 192.168.0.254

Do we need to add the following for packets to traverse?

 - configure iproute add default 192.168.0.254

Thanks
JeremyClarkson

Posted 3 years ago

Drew C., Community Manager

Official Response
Skimming through this thread, it sounds like there's some confusion around the roles played by a default gateway and a router.

In the diagram below, the switch has three L3 VLANs configured with IP forwarding.  It also has a default gateway defined.  The default gateway is used for all unknown routes, such as those that would lead to the internet.  The PC and Printer are in their own separate VLANs, with each device's default gateway configured to point to the switch/router IP.  If other PCs in the same subnet (192.168.1.0/24) want to talk to each other, they don't need a default gateway.  But if they need to print or get out to the internet, it must be configured.



The default gateway on the switch only needs to be for an "external" network - one where another device knows the routes for other things.  In this case, it's going to be the internet gateway.  The switch knows the routing information for all directly connected interfaces (the PC and Printer networks) and we don't need to configure default routes on the switch for those - that's not an option, nor is it necessary.

The routing happens in the switch (in this case, because of IP forwarding) for all directly connected routes.  Those are listed in show iproute.

In this case, if you want "remote access" from within the PC subnet (192.168.1.0/24), you wouldn't need any default route configured on the router.  But, if you are on a different subnet - one not local to the router - you would have to configure the default gateway to point to an interface on a different router that knows how to get back to you.

I hope this is helpful!

-Drew
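
The lookup described in the answer above, as an added example that is not part of the original thread or the switch vendor's code: a small Python model of a route table with directly connected routes and an optional default route, using the addresses from the question. The function names, the `direct:`/`via:` labels, the off-subnet management station 10.20.30.40, and the rule that the gateway must sit on a connected subnet are assumptions of this model.

```python
import ipaddress

def connected_table(interfaces):
    """Build the directly connected routes from (vlan, 'ip/mask') pairs."""
    table = []
    for vlan, cidr in interfaces:
        iface = ipaddress.ip_interface(cidr)
        table.append((iface.network, f"direct:{vlan}"))
    return table

def add_default(table, gateway):
    """Add 0.0.0.0/0 only if the gateway sits on a connected subnet."""
    gw = ipaddress.ip_address(gateway)
    if not any(gw in net for net, hop in table if hop.startswith("direct:")):
        raise ValueError(f"gateway {gateway} is not on a connected subnet")
    return table + [(ipaddress.ip_network("0.0.0.0/0"), f"via:{gateway}")]

def lookup(table, dst):
    """Longest-prefix match; None means the switch has no route to dst."""
    addr = ipaddress.ip_address(dst)
    hits = [(net.prefixlen, hop) for net, hop in table if addr in net]
    return max(hits)[1] if hits else None

# Values from the question: VLAN DATA 192.168.0.1/24, gateway 192.168.0.254.
L2_ONLY = connected_table([("DATA", "192.168.0.1/255.255.255.0")])
WITH_DEFAULT = add_default(L2_ONLY, "192.168.0.254")

if __name__ == "__main__":
    # 10.20.30.40 is a constructed off-subnet management station.
    for src in ("192.168.0.50", "10.20.30.40"):
        print(src, "| no default:", lookup(L2_ONLY, src),
              "| with default:", lookup(WITH_DEFAULT, src))
```

A host in 192.168.0.0/24 is reached through the connected route either way; only replies from the switch's own IP to the off-subnet station depend on the default route.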