I've got a bit of a noob question here about a school network that has only really been worked on before by MSPs. We have an environment with one big 10.3/16 (on VLAN 1) as well as a bunch of new smaller subnets we're transitioning to like 10.4.50/24 (our management VLAN, 50) (where VLANs map 1:1 to subnets). We have a core switch, 10.3.100.1 as well as the first address on every subnet/VLAN, that does all of our inter-VLAN routing.
We have a fiber trunk running directly from the core switch to our primary switch for our other building 200ft away (we'll call it Switch X, 10.3.100.184, an HP ProCurve). Said trunk has all VLANs tagged on it.
In the process of trying to put all of our switch management addresses on the new management VLAN, I've been going to each switch, adding a 10.4.50.x address on VLAN 50. All went well until I got to Switch X. I decided to remove its old 10.3 address. The moment I did so, I lost connectivity to its other address as well. As far as I can tell, this caused no service outages for anything else.
After consoling in and restoring the previous configuration, I took another look at the current configuration of the switch. A couple of lines stood out to me:
ip default-gateway 10.3.100.1 ip route 0.0.0.0 0.0.0.0 10.3.100.1 ip routing
(full config pastebin here: https://pastebin.com/Rhiap8Aa)
As far as I can tell, the config contains nothing else pertaining to routing. In fact, it looks nearly identical to most of our other switches. Can anyone think of a reason why this switch should have routing enabled at all? If a device were to have its default gateway set to 10.3.100.184, would all traffic going to another subnet just be redirected to our core switch?
Also, am I correct in my assessment that by removing the 10.3 address, I removed access to the gateway and thus isolated the switch so it could only be accessed by a device already on the 10.4.50/24 network?
No comments:
Post a Comment