Question Regarding Subnet Design

Answered Question
Feb 7th, 2008

I'm reading a Cisco book and came across this design:

Router interface A is assigned 192.168.20.65/28.

Hosts behind that interface are 192.168.20.66/24 and .70/24.

Interface B is given the IP address of 192.168.20.17/28.

Behind that interface, the hosts are configured with 192.168.20.20 and .25 /24.

My question:

Is this "legal"? How can you have hosts with a /24 subnet mask and router interfaces with /28 subnet masks?

Wouldn't the /28 subnet mask force everything in the .20.x IP range into subnets of 16, 32, 64 etc.?


Hi, read your post and to answer your question, YES you can configure your host with a /24 subnet. If you issue the ip classless command and then enter the routes for the network it will work. Do some reading on IP classless and classful subnet to get a better understanding. HTH

interface Serial3/2
 description Primary Link to R2
 ip address 10.10.10.1 255.255.255.252
!
interface Serial3/3
 description Backup Link to R2
 ip address 192.168.20.1 255.255.255.252
 clockrate 64000
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial3/0
!---This is the default route to ISP router.
ip route 172.31.10.0 255.255.255.0 10.10.10.2
!---This is the preferred route to the LAN.
ip route 172.31.10.0 255.255.255.0 192.168.20.2 250
!---This is the floating route to the LAN.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800ef7b2.shtml

brooklynheight Fri, 02/08/2008 - 06:51

Hmm, I did some research, and is this a case of CIDR or supernetting, where multiple subnets are aggregated into one?

Richard Burts Fri, 02/08/2008 - 07:13

Leonardo

No I would not say that this is a case of CIDR or of supernetting.

There is an aspect of your original post which is not quite clear to me. When you describe interface A and interface B are these 2 interfaces on the same router or is A on one router and B on another router? Perhaps you can clarify this?

I would also like to address one of the questions asked in the original post:

Wouldn't the /28 subnet mask force everything in the .20.x IP range into subnets of 16, 32, 64 etc.?

While it is certainly best practice to have the subnet mask used by hosts to agree with the subnet mask used by the router, it is not required. The subnet mask used on the router can not "force" the hosts to use a particular mask.

When the mask used by the host is different from the mask used by the router things may work ok or there may be problems - especially when the mask on the host is longer than the mask used on the router. The link provided by Jon is a good discussion of this issue. Part of what is involved is that the host believes that more devices are in the "local" subnet and will ARP for them. If the router will respond to the ARP request for the device which is really in a different interface then things work ok. And the router will respond if proxy arp is enabled. But if proxy arp is disabled then the router does not respond and the hosts can not communicate.

HTH

Rick

brooklynheight Fri, 02/08/2008 - 07:32

Hi Rick,

Per the diagram in the TCP/IP routing book, yes, interfaces A and B are on the same router.

So even though the router may have a mask of /28, thus leaving the host range to 192.168.20.17 to 192.168.20.30, it can still ARP outside the "network" range?

Jon Marshall Fri, 02/08/2008 - 08:02

The router will arp out if it has an interface in the range of the network address.

If it has an interface in the 192.168.20.16/28 range and an interface in the 192.168.20.32/28 range then it can arp out for IP address 192.168.20.40 if it receives the host arp for this address on the 192.168.20.16/28 interface.

But if it didn't have an interface in 192.168.20.32/28 range then no it wouldn't arp out outside the network range defined by 192.168.20.16/28.

Jon

Correct Answer
Richard Burts Fri, 02/08/2008 - 08:03

Leonardo

Thanks for clarifying that both interfaces are on the same router.

From the perspective of the router the network is 192.168.20.17 through 192.168.20.30 as you observe. From the perspective of the host behind the interface the network is 192.168.20.1 through 192.168.20.254.

A host will typically ARP for all addresses that it believes are local and will forward to its gateway all addresses that it believes are remote. So the host will ARP for any destination in the 192.168.20.x. If the router has enabled proxy arp and if the router knows where the destination subnet is, then everything works. But if the router has disabled proxy arp then the traffic will fail.

I think that it is helpful to remember that every device has its own view of what is in the network. It is best if the view of the host and of the router are the same. While I am not sure that it gets to the level of "not legal" when the host has a different mask than the router, it certainly introduces the possibility that something may not work.

HTH

Rick
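
The host-view versus router-view behaviour described in the answers above can be checked mechanically; the following is an added example, not part of the original thread, built on the thread's addresses. It assumes the router knows only its two connected /28 subnets and that each host's default gateway is its attached router interface; the function names are illustrative.

```python
import ipaddress

# Router interfaces as given in the thread (both on the same router).
ROUTER_IFACES = {
    "A": ipaddress.ip_interface("192.168.20.65/28"),
    "B": ipaddress.ip_interface("192.168.20.17/28"),
}

def attached_iface(ip):
    """Name of the router interface whose /28 actually contains `ip`."""
    for name, iface in ROUTER_IFACES.items():
        if ip in iface.network:
            return name
    return None

def reach(host_cfg, dst, proxy_arp):
    """Classify how a host configured as `host_cfg` (ip/mask) reaches `dst`.

    Assumption: the router only knows its connected subnets (no extra routes)
    and the host's default gateway is its attached router interface.
    """
    host = ipaddress.ip_interface(host_cfg)
    dst = ipaddress.ip_address(dst)
    name = attached_iface(host.ip)
    if name is None:
        return "no-router-subnet"
    if dst not in host.network:
        return "via-gateway"          # host sees dst as remote
    if dst in ROUTER_IFACES[name].network:
        return "direct-arp"           # host and router agree dst is local
    # Host ARPs for dst, but the router places dst on another subnet.
    if proxy_arp and attached_iface(dst) is not None:
        return "needs-proxy-arp"      # router answers the ARP on dst's behalf
    return "fails"                    # nobody answers the ARP request

def mask_mismatches(host_cfgs):
    """Hosts whose prefix length differs from their router interface's."""
    out = []
    for cfg in host_cfgs:
        host = ipaddress.ip_interface(cfg)
        name = attached_iface(host.ip)
        if name and host.network.prefixlen != ROUTER_IFACES[name].network.prefixlen:
            out.append(cfg)
    return out

if __name__ == "__main__":
    hosts = ["192.168.20.66/24", "192.168.20.70/24", "192.168.20.20/24", "192.168.20.25/24"]
    print("mismatched:", mask_mismatches(hosts))
    for pa in (True, False):
        print("proxy_arp =", pa, "->", reach("192.168.20.20/24", "192.168.20.66", pa))
```

With the host mask changed to /28, the same destination is classified as `via-gateway`, so connectivity no longer depends on the router's proxy ARP setting.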

Richard Burts Fri, 02/08/2008 - 10:03

Leonardo

I am glad that our answers were helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that responses were given that resolved the question.

The forum is an excellent place to learn more about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick
