I came across something today I've never seen in 15 years, and I'm having a tough time figuring out how this is even possible.
Our current corp LAN is 192.168.100.0/24. The router/gateway is 192.168.100.1. However, I'm testing a new router/firewall, so I have it setup at 192.168.100.7 on its LAN interface. It's using an unused WAN IP. I was planning on testing rules etc. by setting a client's default gateway to the new device at .7 (have done this many times before in the past for testing).
So here's where it gets weird. I set a laptop to use a gateway of 192.168.100.7. If I plug the laptop directly in to the LAN port on the router, the laptop correctly uses that as its gateway, and I can see traffic flowing through that new router.
However, if I plug the laptop into the switch (still statically set the gateway as .7), the laptop seems to "ignore" the .7 gateway, and somehow finds and uses the existing .1 gateway. Windows 7, 10, and some iOS devices all behave this same way. Traceroutes confirm it's going through .1 (which it shouldn't be), and it's going out the WAN address of the .1 router.
So I'm scratching my head here -- why (and how) are clients seemingly ignoring the .7 default gateway which has been statically set? How are they able to auto-magically find the .1 gateway? A route print on the windows clients makes no reference to the .1 gateway and shows the 0.0.0.0 route as 192.168.100.7. But for some reason the clients are basically ignoring that second GW.
Ideas?
No comments:
Post a Comment