Tuesday Feb 7

Archive for November, 2009

Nov
30/09
Default Gateway vs Default Route
Last Updated on Monday, 30 November 2009 10:25
Written by jj
Monday, November 30th, 2009

This is the latest article from our company’s “Dear John” column, where my Dad answers questions from customers, readers and partners. Yes, I said my Dad – he taught me everything I know and, while I can’t get him to write regularly on a blog, I’ll certainly share any public articles he puts out for you to enjoy ;)

I thought this was well worth sharing. So often we see misconfigured devices at customer sites- one of the most frequent being the improper use of default gateway configurations versus default routes. I’ve probably spent ten hours just in the past couple of weeks explaining this concept to various clients.

Dear John: Default Gateway vs. Default Route?
Excerpt from a column by John Jabbusch, CAD, Inc.
Carolina Advanced Digital, Inc. November 2009 Newsletter

Q: When should I use a default gateway instead of a default route?

A:  Based upon the source and nature of the question, I am proceeding with the assumption that the question was made in reference to network switches. The short answer is that a default gateway typically is used to direct traffic destined for a “foreign” network (i.e. a network other than the one to which the switch belongs) off the switch to a “gateway” device on the same network as the switch.

A switch that does not perform routing will use a default gateway. On an HP ProCurve switch from the global configuration context the command would look like ip default-gateway 192.168.1.1.

On a switch that contains addresses that reside in two or more networks (meaning VLANs with IP addresses), the switch is almost universally routing at least between the internal VLANs and most likely routing between the “next hop” device and the switch VLAN directly connected to that device. A switch (or really any device) that is routing will need to specify the “gateway address” as a default route. Again, on an HP ProCurve switch from the global configuration context this would be something like ip route 0.0.0.0 0.0.0.0 192.168.1.1.

[I have abridged the answer here to comply with space requirements for the newsletter and so there is more to this topic than I have provided here, such as what effect there is upon route tables and route propagation, but those things are beyond the scope of this short forum. -John]

# # #

Tags: , ,   |  Posted under Network Niblets  |  Comments  No Comments
Nov
25/09
The Evolution of NAC: a response, rave and rant
Last Updated on Saturday, 28 January 2012 06:41
Written by jj
Wednesday, November 25th, 2009

After catching a quick glimpse of Alan’s post on the Evolution of NAC, I popped over to the Infonetics site to download the whitepaper his post was referring to.

It’s a short 5-pager that will only take a few moments to read, so I encourage you to check it out. For those of you that read my articles and blog, I want to provide a response, noting several things I liked in the report, a few things I think are misleading, and a couple of items that are complete crap (sorry Jeff). (more…)

Tags: , , ,   |  Posted under NAC & 802.1X  |  Comments  4 Comments
Nov
19/09
JJ- Back in the lab: 802.1X and more
Last Updated on Saturday, 28 January 2012 06:41
Written by jj
Thursday, November 19th, 2009

Hi everyone! I know I’ve been missing in action yet again, so I thought I’d give you all a quick update. I’ve been on site quite a bit recently, working on various customer projects and security implementations.

I’m spending time in the coming weeks in the lab here; mostly working on access control, port security, 802.1X and possibly even some NAC/NAP proof of concepts. (more…)

Tags: , , ,   |  Posted under NAC & 802.1X  |  Comments  4 Comments

More Content

Find more of my content at
- Low Tech Hacking book
- Dark Reading
- Network Computing
- IANS
- SearchSecurity
- TechTarget

Get Social

RSSFacebookLinkedinYoutube

Topics