Implications of incorrectly configured subnet mask / gateway

I have recently done an upgrade on a Cisco 2520. As part of the upgrade an SVI was added to the switch to allow a VLAN to route locally, which was previously done at another switch (via a trunk). The SVI had the following parameters:

Network Addr: Subnet Mask: SVI Addr:

There were two devices on this subnet and, when the change was made, both devices were still able to communicate with the remote network even though the default gateway and subnet mask were / respectively.

Subsequent to this, while monitoring, I lost communications to one of the devices; however, the other remained online. I rectified the problem by correctly configuring the subnet mask and default gateway on both devices, but I was wondering if anyone could explain why I was able to communicate with one device and not the other even though both devices had incorrectly configured subnet masks / default gateways?


Answers 1

Generally hosts follow this basic rule when deciding where to send packets (at L2 / MAC layer):

  • Is the destination IP in the same subnet (according to my netmask)? If yes, resolve its MAC (via ARP) and send the packet directly to that host.
  • Otherwise, resolve the gateway's MAC and send the packet via that gateway.

From this you can see:

  • If both hosts are within the same subnet (according to each other's netmask), the gateway is not used at all.

  • If the netmask is wider (i.e. prefix length shorter), hosts within the same subnet will still be able to communicate, because the "Same subnet?" check still won't fail.

    However, it will prevent communications with hosts which the netmask covers but isn't supposed to, because the host will try to ARP-resolve an address which is physically elsewhere. (Due to the wrong netmask, it will think the destination host is local.)

  • If the netmask is too narrow (prefix length too large), it's the opposite: communications within the subnet will be affected, because the host mistakenly thinks it needs to use the gateway.

    Note that this won't necessarily prevent communication (as the gateway will just route the packet back to the same subnet), just make it much less efficient.

    (Unless, that is, you have a combination of too narrow netmask and wrong gateway. That would prevent this type of communications entirely.)

April 16, 2018 11:31 AM
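The forwarding rule in the answer, and the three failure modes it derives from it, can be checked against a concrete topology. The following is an added example, not code from the question or the answer: it assumes a constructed documentation-range network (the SVI at 192.0.2.1 on 192.0.2.0/24, with 198.51.100.0/24 as a remote network) and models "ARP gets an answer" as "the target really is on the wire", which is the only thing that differs between a mask that is too wide, too narrow, or too narrow with a wrong gateway.

```python
from ipaddress import IPv4Address, IPv4Interface, IPv4Network

# Constructed topology (RFC 5737 documentation addresses, not from the question):
# the SVI owns 192.0.2.0/24 and is the only router on that segment. Any address
# outside that prefix is "physically elsewhere" and reachable only via the SVI.
TRUE_NET = IPv4Network("192.0.2.0/24")
TRUE_GATEWAY = IPv4Address("192.0.2.1")

# Outcome strings returned by outcome(); kept as constants so callers can compare.
OK_DIRECT = "ok: delivered directly"
OK_ROUTED = "ok: routed via gateway"
BROKEN_ARP = "broken: ARP for an off-link host (netmask too wide)"
BROKEN_GW = "broken: no router answers ARP at the configured gateway"
HAIRPIN = "inefficient: on-link destination hairpinned via gateway (netmask too narrow)"


def next_hop(host_ip, host_mask, host_gateway, dst_ip):
    """The host's own decision, exactly as the answer states it:
    destination inside my configured subnet -> ARP for the destination itself,
    otherwise -> ARP for my configured gateway and hand the packet to it."""
    iface = IPv4Interface(f"{host_ip}/{host_mask}")
    if IPv4Address(dst_ip) in iface.network:
        return ("direct", IPv4Address(dst_ip))
    return ("gateway", IPv4Address(host_gateway))


def outcome(host_ip, host_mask, host_gateway, dst_ip):
    """Compare the host's decision with the real topology and report what
    happens on the wire. Only the host's mask/gateway are varied; TRUE_NET and
    TRUE_GATEWAY describe what is actually cabled to this VLAN."""
    kind, arp_target = next_hop(host_ip, host_mask, host_gateway, dst_ip)
    dst = IPv4Address(dst_ip)
    if kind == "direct":
        # ARP is only answered if the destination really sits on this segment.
        return OK_DIRECT if dst in TRUE_NET else BROKEN_ARP
    # The host ARPs for its gateway instead; that only helps if a router is there.
    if arp_target != TRUE_GATEWAY:
        return BROKEN_GW
    # Router is real: a local destination still gets there, just via a hairpin.
    return HAIRPIN if dst in TRUE_NET else OK_ROUTED


def scenarios():
    """The cases from the answer, each as (description, outcome)."""
    host = "192.0.2.10"
    local_peer, remote = "192.0.2.20", "198.51.100.5"
    # Address that a /16 mask wrongly covers but which is not on this VLAN.
    covered_but_remote = "192.0.7.5"
    return [
        ("correct /24, local peer", outcome(host, "255.255.255.0", "192.0.2.1", local_peer)),
        ("correct /24, remote host", outcome(host, "255.255.255.0", "192.0.2.1", remote)),
        ("too wide /16, local peer", outcome(host, "255.255.0.0", "192.0.2.1", local_peer)),
        ("too wide /16, covered-but-remote", outcome(host, "255.255.0.0", "192.0.2.1", covered_but_remote)),
        ("too narrow /28, local peer", outcome(host, "255.255.255.240", "192.0.2.1", local_peer)),
        ("too narrow /28 + wrong gateway", outcome(host, "255.255.255.240", "192.0.2.200", local_peer)),
    ]


if __name__ == "__main__":
    for label, result in scenarios():
        print(f"{label:36s} -> {result}")
```

The "too wide" case is why the questioner's two devices may have behaved differently: a host with an overly wide mask keeps talking to peers that are genuinely on the wire, and only breaks for destinations that fall inside its mask but live behind the SVI; whether a given device hits that depends entirely on which addresses it happens to talk to. The model deliberately ignores one real-world detail: many operating systems refuse a default gateway that is outside the configured subnet, so a narrow mask can fail earlier than the ARP step shown here.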

