• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

A question concerning Subnetting, class C and gateways.

S

shrumpage

Golden Member
Let me pre-face that i do have a basic understanding of networking..or at least i thought i did.

Take the class C network, 192.168.1.0. Gateway and DNS are 192.168.1.1, subnet mask is 255.255.255.0. You set your computer IP to 192.168.1.101. The computer can access the internet, everything works as it should. Fairly standard

Keeping all devices on the same phyiscal network - no VLANs - I change the computer IP to 192.168.1.201 with a subnet mask of 255.255.255.128. Keeping the DNS and GW info the same (192.168.1.1).

The way i understood subnetting is that now the computer is on the 192.168.1.128 network, and would be unable to reach the DNS or the Gateway since it would reside in on the 192.168.1.0 network.

Unfortunately, this did not pan out. When i tested it, the computer was still able to find the GW and get out on the internet.

Could someone explain to me why the after changing the IP and the subnet mask, the computer was still able to find the gateway? I'm really stumped.

 
Your gateway (ie, router) is doing as it should, it listens to layer2 and layer3 broadcasts. It is probably also doing proxy-arp.

It's not that the computer "found" the gateway (otherwise known as a router) - it's that your gateway (otherwise known as a router) picked up an ARP (at layer2) for what it considers a directly connected broadcast domain and answered it.

This is where the OSI model comes into play. You client doesn't really care what is on the broadcast domain, it will look to it's own routing table. To put it simply, the router defines the subnet/broadcast domain, how the end station is configured is immaterial.

-edit-
And this is why the OSI model is pounded into your head. If you don't "get" the OSI model, then pound it some more.
 
I understand how the broadcast is going out, and the router is responding (watching with wireshark). What i did was just change the IP of the client to a different network 192.168.2.244, left the settings the same. Did a ping of the router, sure enough the arp goes out, and the reply comes back. The ICMP packets then go out with the correct mac address to the router, but the router doesn't respond.

There is no route to the 192.168.2.0 network, therefore the packet gets dropped at layer3, even though the router's ARP table would have 192.168.2.244 = MAC address(layer 2) for the computer connected to the router. Is that about right?

Follow up about the subnet mask on the client end. If the client doesn't care what is on the broadcast domain, then whats the point of maintaining that subnet mask for the client?
 
The router is responding because of proxy arp. The router has a default route, so it responds to the client on the arp request.

The router then tries to respond to 2.244, looks at it's route table and sends it out to the internet. That's why you don't see the response.

The reason for the mask on the client is so that it's route tables are correct along with knowing it's broadcast domain. Proxy-arp is the devil and comes from a time when clients didn't understand a subnet mask or default gateway.
 
The client needs the subnet mask for broadcasts. In your setup your second "network" (client) and router shared the same broadcast address. Reset the client with that /25 mask back in to the same range as the router. Do something that broadcasts a lot and you will see lots of activity on 192.168.1.127. The real issue pops up when 192.168.1.127 is an actual device on the /24 mask. Depending on how the device response it may consider all those broadcasts as being messages for it (rather than just broadcasts) and may then try to either reply or send error back to the faulty computer. This may crash the device. Basically certain IP based protocols will fail on the PC and cause a lot of junk traffic because it is expecting responses in the broadcast domain.

I know spidey just said this but I wanted to illustrate it a bit for you.
 
I'd wager that anybody who actually does this is a complete goon and should be shot.

But that's just me 🙂
 
Originally posted by: drebo
I'd wager that anybody who actually does this is a complete goon and should be shot.

But that's just me 🙂
Click to expand...

Actually understanding what happens and why is critical to understanding networking. This is like the heart of it, this thread.
 
spidey, if you have 37k posts and have been a member for 9 years (2000 - 2009) that means you post roughly 4,111 times a year. And its actually more than that because you joined in late 2000, and it's early 2009 now. .... wtf dude .... more than 11 posts every day? do ya sleep? ;O
 
Originally posted by: spidey07
Originally posted by: drebo
I'd wager that anybody who actually does this is a complete goon and should be shot.

But that's just me 🙂
Click to expand...

Actually understanding what happens and why is critical to understanding networking. This is like the heart of it, this thread.
Click to expand...

I always though so also. I have been doing this for years and I still learn new things.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top