If my gateway is configured as below, with 172.15.3.9 being my firewall, and I want to go to the 48.18.21.0 network, will packets still be forwarded to the firewall? Or, since there is a static route, will it ignore the second line?
ip classless
ip route 0.0.0.0 0.0.0.0 172.15.3.9
ip route 48.18.21.0 255.255.255.0 172.15.5.251
ip route 172.1.5.0 255.255.248.0 172.15.5.225
The price of anything is the amount of life you exchange for it.
Henry David Thoreau
Well, since your second line is the default route, pretty much all traffic will go to your firewall. If there are more than 2 networks attached to the router then forget about using the default route.
There's no place like 127.0.0.1
Can a Cisco certified individual render some further assistance to this degreed and experienced gentleman please?
The price of anything is the amount of life you exchange for it.
Henry David Thoreau
You all are not making any sense. I'm asking for expertise and knowledge regarding a specific issue. I'm not asking for qualifications. CCNA and CCNP are qualifications, not expertise, so get that straight. Don't you all make me start on you again. I would love for someone to answer my question, certified or not!
The price of anything is the amount of life you exchange for it.
Henry David Thoreau
The Default Route (i.e. 0.0.0.0 0.0.0.0) is actually the last route taken. If you run the show ip route command you'll see a more descriptive name:
Gateway of last resort is 172.15.3.9 to network 0.0.0.0
So Default route is more of a Last Resort route. The device will search through the entire routing table and if it doesn't see a static or dynamic route to the network it is trying to get to, then the Route of Last Resort is taken.
But to try and explain what Twisted was saying, there may be no need for you to configure the default route. If no default route is defined, packets destined for a network not defined statically or dynamically in the routing table will be dropped. To use your IPs as an example, anything other than packets with a destination within 48.18.21.0 /24 or 172.1.5.0 /21 will be dropped. So take a look at your network, decide if you really need a default route then use it. It's not a hard and fast rule to configure it.
Some security persons say you should know all your network segments and don't need a default route. You can use your default route as a black hole for viruses, trojans, sniffers and other stuff.
If you're going to have packets on your network destined for the Internet then you will need a default route unless you're using a proxy server. Because it's impossible for you to know every segment on the Internet, a default route to your Firewall then to the Internet is the norm. If you have a proxy server, browsers will be configured to go to the Internet through your Proxy, then Firewall, then Internet. So that's why you don't need the default route in that case.
PS
Hope I didn't over explain
Last edited by zRo ToLeRaNcE; February 27, 2008 at 12:59 PM.
The trouble with learning from experience
is that the test comes first and
the lesson afterwards
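The lookup described in the answer above, as an added example that is not code from any poster in this thread: a longest-prefix match over the three static routes in the question, showing which next hop each destination gets and what happens once the default route is removed. The function names and the sample destination addresses are constructed for illustration, and the model covers destination lookup only.

```python
import ipaddress

# Static routes from the question: (destination, mask, next hop).
ROUTES = [
    ("0.0.0.0", "0.0.0.0", "172.15.3.9"),            # default route -> firewall
    ("48.18.21.0", "255.255.255.0", "172.15.5.251"),
    ("172.1.5.0", "255.255.248.0", "172.15.5.225"),
]

def build_table(routes):
    """Parse routes into (network, next_hop, note) entries."""
    table = []
    for dest, mask, hop in routes:
        # strict=False masks off host bits instead of raising ValueError.
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        # Note any destination that is not on the boundary of its own mask.
        note = "" if str(net.network_address) == dest else f"{dest} is inside {net}"
        table.append((net, hop, note))
    return table

def lookup(table, dst):
    """Return the next hop of the longest matching prefix, or None (drop)."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop, _ in table if addr in net]
    if not matches:
        return None  # no specific route and no default: packet is dropped
    return max(matches, key=lambda m: m[0].prefixlen)[1]

if __name__ == "__main__":
    full = build_table(ROUTES)
    no_default = build_table(ROUTES[1:])
    for net, hop, note in full:
        print(f"{str(net):18} via {hop:14} {note}")
    # Constructed sample destinations.
    for dst in ("48.18.21.77", "172.1.2.9", "172.1.8.1", "198.51.100.10"):
        print(f"{dst:15} with default: {lookup(full, dst)}"
              f" | without default: {lookup(no_default, dst)}")
```

With these masks, 172.1.5.0 255.255.248.0 covers 172.1.0.0 through 172.1.7.255, so a destination such as 172.1.8.1 falls through to the default route.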
Thanks for the correction. I remembered that the wild card meant the default route but forgot that it's only used when a destination can't be found in the routing table.
There's no place like 127.0.0.1
Last edited by zRo ToLeRaNcE; February 27, 2008 at 12:58 PM.
The price of anything is the amount of life you exchange for it.
Henry David Thoreau