RE: 3550 COnnectivity (and re: ENCAP FAILURES ON ETHERNET)

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Sun Jul 18 2004 - 04:59:49 GMT-3

Alex,

        Yes it does, as does the router when ip routing is disabled.
I'm not sure why they implemented it this way, but they did. See the
below output:

R3--R1--SW1

R3#sh ip int brief | exclude unassigned
Interface IP-Address OK? Method Status
Protocol
Serial1/2 13.0.0.3 YES manual up up

R3#show ip route
<snip>
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

C 13.0.0.0/8 is directly connected, Serial1/2
S* 0.0.0.0/0 is directly connected, Serial1/2

R1#show ip int brief | exclude unassigned
Interface IP-Address OK? Method Status
Protocol
Ethernet0/0 10.0.0.1 YES manual up up

Serial0/1 13.0.0.1 YES manual up up

R1#show int e0/0 | include bia
  Hardware is AmdP2, address is 0004.c057.32c0 (bia 0004.c057.32c0)

SW1#show ip route
Default gateway is not set

Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
SW1#show ip int brief | ex unassigned
Interface IP-Address OK? Method Status
Protocol
Vlan1 10.0.0.7 YES manual up up

SW1#ping 13.0.0.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/229/1028
ms
SW1#
IP ARP: creating incomplete entry for IP address: 13.0.0.3 interface
Vlan1
IP ARP: sent req src 10.0.0.7 000a.b7dc.a880,
                 dst 13.0.0.3 0000.0000.0000 Vlan1
IP ARP: rcvd rep src 13.0.0.3 0004.c057.32c0, dst 10.0.0.7 Vlan1

        Although it is not connected nor does it have a default gateway,
SW1 ARPs for 13.0.0.3. The ARP is answered by R1 by proxy, as R1 has a
route to the destination 13.0.0.3.

        When IP routing is enabled SW1 is limited to ARPing to routes
that are installed in the routing table:

SW1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#ip routing
SW1(config)#end
SW1#debug ip packet
IP packet debugging is on
SW1#debug arp
ARP packet debugging is on
SW1#ping 13.0.0.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.0.0.3, timeout is 2 seconds:

datagramsize=100, IP 59: s=10.0.0.7 (local), d=13.0.0.3, totlen 100,
fragment 0, fo 0, unroutable.
datagramsize=100, IP 60: s=10.0.0.7 (local), d=13.0.0.3, totlen 100,
fragment 0, fo 0, unroutable.
datagramsize=100, IP 61: s=10.0.0.7 (local), d=13.0.0.3, totlen 100,
fragment 0, fo 0, unroutable.
datagramsize=100, IP 62: s=10.0.0.7 (local), d=13.0.0.3, totlen 100,
fragment 0, fo 0, unroutable.
datagramsize=100, IP 63: s=10.0.0.7 (local), d=13.0.0.3, totlen 100,
fragment 0, fo 0, unroutable.
Success rate is 0 percent (0/5)

        As you can see from the above output the ARP process is not
initiated because there is no route to the destination.

        This actually fits in with the other thread I just responded to
re: ENCAP FAILURES ON ETHERNET. The ARP process occurs after routing.
When routing is not enabled ARP will always occur.

HTH,

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

> -----Original Message-----
> From: Alexander Arsenyev (GU/ETL)
[mailto:alexander.arsenyev@ericsson.com]
> Sent: Sunday, July 18, 2004 2:38 AM
> To: Brian McGahan; ccielab@groupstudy.com
> Subject: RE: 3550 COnnectivity
>
> So will Cat3550 with one VLAN interface with IP address, say
10.0.0.1/16,
> ip routing disabled, ip default-gateway not configured, ARP for an IP
> address 11.0.0.1? I'm pretty much sure it won't do ARP with "ip
routing"
> statement in config.
> Don't have a Cat3550 to test it now :-)
> Cheers
> Alex
>
> -----Original Message-----
> From: Brian McGahan [mailto:bmcgahan@internetworkexpert.com]
> Sent: 18 July 2004 08:31
> To: Alexander Arsenyev (GU/ETL); ccielab@groupstudy.com
> Subject: RE: 3550 COnnectivity
>
>
> When bridging IP it will ARP for everything (same with the
> routers if you turn ip routing off). If you're routing IP you'll only
> ARP for destinations that you have a route to. If by changing the
mask
> on a connected interface you encompass the destination in the
connected
> network it will ARP for it. Assuming the device on the other end
> supports proxy-arp transmission will be successful. It's a fun
exercise
> in routing logic.
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > Alexander Arsenyev (GU/ETL)
> > Sent: Sunday, July 18, 2004 2:20 AM
> > To: ccielab@groupstudy.com
> > Subject: RE: 3550 COnnectivity
> >
> > I believe that Cat3550 will ARP for "everything" IF IP
address/netmask
> > combination
> > on VLAN interface covers that "everything". That's why sometimes
it's
> > important
> > to trick Cat3550 into thinking that "everything" is directly
> connected,
> > see
> > my earlier post
> > http://www.groupstudy.com/archives/ccielab/200406/msg01843.html
> >
> > HTH,
> > Cheers
> > Alex
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf
Of
> > Brian McGahan
> > Sent: 18 July 2004 01:29
> > To: Kenneth Wygand; Mike Calhoon; Lord, Chris;
ccielab@groupstudy.com
> > Subject: RE: 3550 COnnectivity
> >
> >
> > Ken,
> >
> > Your statements are true to a degree. Technically the 3550 is
> > not using proxy-arp. Instead, it is just ARPing for everything. It
> is
> > the router that responds on behalf of the destination that is being
> > ARPed for (hence proxy-arp).
> >
> > I only mention this point because it is the router on the
> > attached segment that must be running proxy-arp, and not the switch
> > itself.
> >
> >
> > HTH,
> >
> > Brian McGahan, CCIE #8593
> > bmcgahan@internetworkexpert.com
> >
> > Internetwork Expert, Inc.
> > http://www.InternetworkExpert.com
> > Toll Free: 877-224-8987 x 705
> > Outside US: 775-826-4344 x 705
> > 24/7 Support: http://forum.internetworkexpert.com
> > Live Chat: http://www.internetworkexpert.com/chat/
> >
> >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> > Of
> > > Kenneth Wygand
> > > Sent: Saturday, July 17, 2004 5:23 PM
> > > To: Mike Calhoon; Lord, Chris; ccielab@groupstudy.com
> > > Subject: RE: 3550 COnnectivity
> > >
> > > Mike,
> > >
> > > Without specifying the "ip default-gateway", your 3550 will
default
> to
> > > using proxy-arp to resolve your IP addresses to MAC addresses. If
> > your
> > > attached router (on the VLAN where your switch's IP address is)
> > supports
> > > proxy-arp, it will resolve and your ping will succeed.
> > >
> > > You should have entries if you do a "show arp" when using
proxy-arp,
> > but I
> > > don't believe those entries will exist when crossing VLANs if you
> have
> > a
> > > default gateway configured (just your default gateway will be in
> your
> > > local arp table).
> > >
> > > If you can, try it out both ways and post your outputs! :)
> > >
> > > Hope this helps,
> > > Ken
> > >
> > > ________________________________
> > >
> > > From: nobody@groupstudy.com on behalf of Mike Calhoon
> > > Sent: Sat 7/17/2004 6:18 PM
> > > To: 'Lord, Chris'; ccielab@groupstudy.com
> > > Subject: RE: 3550 COnnectivity
> > >
> > >
> > >
> > > Chris,
> > >
> > > I have wondered the same thing lately. I have found that as long
> as
> > the
> > > rest of my routers have the route to the VLAN installed, I can
ping
> > the ip
> > > on the switch without having to add "ip default-gateway", ip
> routing,
> > or
> > > anything else to it. So full connectivity is being reached, but I
> am
> > > wondering if I should be adding "ip default-gateway" or anything
> extra
> > to
> > > the switch.
> > >
> > >
> > > Thanks,
> > > Mike
> > >
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> > Of
> > > Lord, Chris
> > > Sent: Saturday, July 17, 2004 5:03 PM
> > > To: ccielab@groupstudy.com
> > > Subject: 3550 COnnectivity
> > >
> > > Please could I ask for some opinions.......
> > >
> > > A lot of practice lab scenarios state standard assumptions such as
> "do
> > not
> > > use static or default routes on any router, etc" and "full
> > connectivity
> > > must
> > > be attained, etc". Suppose we met this in the real lab, my
question
> is
> > > this... if one of the switches has a vlan interface with an ip
> address
> > > assigned to it then I assume the pod should be able to ping it and
> > > vica-versa. If the switch is not running an IGP, is the use of "ip
> > > default-gateway" permissible or does this break the rules?
> > >
> > > If you can't use "ip default-gateway" do you think configuring
irdp
> on
> > the
> > > attached router in the switch's management vlan would be a good
> > > alternative?
> > >
> > > thx in anticipation,
> > >
> > > Chris.
> > >
> > >
> > >
> **********************************************************************
> > > The information contained in this email is confidential and is
> > intended
> > > for
> > > the recipient only. If you have received it in error, please
notify
> us
> > > immediately by reply email and then delete it from your system.
> Please
> > do
> > > not copy it or use it for any purposes, or disclose its contents
to
> > any
> > > other person or store or copy this information in any medium. The
> > views
> > > contained in this email are those of the author and not
necessarily
> > those
> > > of
> > > Lorien plc.
> > >
> > > Thank you for your co-operation.
> > >
> **********************************************************************
> > >
> > >
> >
>

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:58 GMT-3