Courseiva
Layer 3 SwitchingCCNA 200-301

Layer 3 Switch Missing Default Route — Internet Unreachable

Presenting Symptom

Hosts in VLAN 10 cannot reach the internet, but can communicate within the local VLAN and with other VLANs on the same Layer 3 switch.

Network Context

A small branch office uses a single Cisco Catalyst 3650 Layer 3 switch running IOS 16.9. The switch has SVIs for VLAN 10 (192.168.10.1/24) and VLAN 20 (192.168.20.1/24). A default route is needed to reach the internet via an ISP router at 203.0.113.2. The switch is connected to the ISP router via interface GigabitEthernet1/0/1 (VLAN 100, 203.0.113.1/30).

Diagnostic Steps

1

Check routing table for default route

show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

C    192.168.10.0/24 is directly connected, Vlan10
C    192.168.20.0/24 is directly connected, Vlan20
C    203.0.113.0/30 is directly connected, Vlan100

The output shows no default route (Gateway of last resort is not set). The switch knows directly connected networks but has no path to the internet. A static default route should be present.

2

Verify if a static route is configured

show running-config | include ip route
No output (no ip route lines present)

No static routes are configured. The missing default route is due to absence of the 'ip route 0.0.0.0 0.0.0.0' command.

3

Check connectivity to the next-hop ISP router

ping 203.0.113.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 203.0.113.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

The ISP router is reachable, confirming Layer 2 and Layer 3 connectivity to the next hop. The problem is purely the missing default route.

4

Confirm that IP routing is enabled

show ip protocols
Routing Protocol is "static"
  Sending updates every 0 seconds
  Invalid after 0 seconds, hold down 0, flushed after 0
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Default networks not set
  Routing for Networks:
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: (default is 1)

Static routing is enabled. This confirms the switch is capable of routing, but no static routes are defined.

Root Cause

The Layer 3 switch is missing a default static route (ip route 0.0.0.0 0.0.0.0 203.0.113.2). Without this route, the switch has no gateway of last resort to forward traffic destined to the internet.

Resolution

Configure the default static route: Switch(config)# ip route 0.0.0.0 0.0.0.0 203.0.113.2 This command creates a static route for all destination networks (0.0.0.0/0) pointing to the ISP router at 203.0.113.2 as the next hop.

Verification

Run 'show ip route' again. Expected output should include: S* 0.0.0.0/0 [1/0] via 203.0.113.2 The 'S*' indicates a static candidate default route. Also verify internet reachability: ping 8.8.8.8 should succeed.

Prevention

1. Always configure a default route on Layer 3 switches that need internet access. 2. Use a routing protocol (e.g., OSPF) to propagate a default route from the ISP router. 3. Implement configuration templates or automation to ensure default routes are not missed during initial setup.

CCNA Exam Relevance

On the CCNA 200-301 exam, this scenario tests understanding of static default routes and troubleshooting Layer 3 connectivity. Expect multiple-choice questions asking to identify why internet access fails, or drag-and-drop to place the correct 'ip route' command. Key fact: A default route is required for any device that needs to reach networks not in its routing table.

Exam Tips

1.

Remember that 'Gateway of last resort' is set by a default route (static or dynamic).

2.

The 'show ip route' command is the primary tool to verify default routes; look for 'S*' or 'Gateway of last resort'.

3.

In the exam, a missing default route is a common cause of 'no internet' issues; always check routing table first.

Commands Used in This Scenario

ping [ip]

The ping command sends ICMP echo requests to a destination IP address to test network connectivity and measure round-trip time.

show ip route

Displays the current IP routing table on a Cisco router, used to verify routes, check next-hop addresses, and troubleshoot connectivity issues.

show running-config

Displays the current active configuration in DRAM, showing all non-default settings.

Test Your CCNA Knowledge

Practice with scenario-based questions to prepare for the CCNA 200-301 exam.

Practice CCNA Questions