Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

subnets on a switch


I have a few switches with the ip address as 10.0.0.x /8.

I am connecting to these switches (http or telnet etc.) via computers that have an ip of 10.100.100.x /24.

1.Aren't these computers on a different subnet? How am I connecting?

2.I've thus far learned not to use the 10.0.0.x when subnetting yet this is the setup at my workplace.

There are no routers installed.

Sorry if this is no-brainer, but what I've learned so far (ccna mod 1/2) and what I'm seeing don't seem to be making much sense to me.



Re: subnets on a switch

Switches (as in Layer two switches, which act as bridges) don't care about the Layer 3 (i.e., IP) addressing.

The addresses you've applied to the switches are for admin (to be able to telnet/ssh into the console).

You could have used for your host addresses ... it'd still work through the switch, but you wouldn't be able to telnet to the switch from a host using an address from that range (without a router / L3 switch)

Chances are that if you are able to telnet to the switch with the addressing you've provided, it's because the address you gave the switch an address that falls within the /24 you've given the host ....

As long as the two communicating devices think they are on the same network, they won't try to use the default gateway.

For example, if you gave the switch an address of .... that falls into the host range of both the /8 you gave the switch, and the /24 you gave the hosts ... both thik the other is on the same network so they talk directly without trying to implement the default gateway.

Good Luck


New Member

Re: subnets on a switch

Thanx ScottMac,

I think some of this got cleared up, although I believe I confused myself in the process.

To simplify everything, I wrote out a class C address with a subnet mask set at

I connected two computers back to back, via a crossover cable.

I did not use the first subnet, as that's what I've been taught not to do so far. Although I'm seeing the NO IP SUBNET ZERO in the upcoming class. (ugh, ill never make it...)

So I set up computer A with a Network Address and a Subnet Mask of

I set up computer B as Subnet Mask

I was able to ping computer B with computer A. O.K. I'm a genius.

I then set up computer B with a Network Address of subnet mask of

I was NOT able to ping computer B from Computer A, Perfectly logical. I comprehend this much so far...

Next I set computer B to Network Address and Subnet Mask

I was still able to ping computer A.

I set computer B address to Subnet Mask

I was still able to ping computer A.

Nonetheless, I was able to ping computer A as long as computer B, host address was in the same available host addresses of computer A's subnet range...regardless of the subnet mask.

This is where I'm confused, I thought I was changing the "network address" when I changed the mask, though changing the mask on computer B really doesn't seem to have any effect...unless I implement the same subnet mask.

The conclusion I have come to is subnet masks are only valid if every host on the network shares the same mask...

Disregarding VLSM and CIDR, is the above statement true? I feel like I am missing something. It seems that anyone on a subnetted network could just plug in a valid host address and enter "any" subnet, and be able to communicate. I thought the idea of subnetting was to prevent this.

If you've read this far...thanx for your time.

I tend to over complicate.

BTW I'm just an electrician trying to learn a bit about networking...any advice is very much appreciated.


Re: subnets on a switch

You're "sorta" right.

The process used by the host (somewhat simplified) is this:

When the application (or higher layer) passes traffic down the stack to layer three, the first decision that has to be made is "Is this local traffic (same subnet) or is this remote (different net/subnet)."

If local, ARP if necessary, get the local MAC, send the frame::

If *not* local, ARP, if necessary for the Default Gateway's MAC, send the frame::

The mask is used to make that determination. The destination IP address is logically "ANDed" against the host's mask ... if the destination host's address falls into the same range, it's considered "local."

Since you used a sixteen bit mask on Host A, any valid number (1-254)in the third and fourth octet is seen as a host on the same network.

In the example you've posted, the network addresses still fall within the range that Host B thinks is its net/subnet.

If you moved Host B's address to, you would (once again) fail to ping, because Host A's address would be seen as "off-LAN" (remote) for Host B.

OR, keeping the same subnets ... if you made Host B's address (anything .65 -.254), then Host B would fail to ping, because it would see Host A's address is out of Host B's subnet.

The "problem" is that, regardless of mask, Host B think Host A is still in his /27 subnet (it is in the range), and because Host A is set for a /16, Host B is definately within its range.

This perfectly illustrates *why* paying attention to the mask is so important: if this was a real network, some hosts would communicate, others (outside the mask) would not ... one slip of the finger setting up a DHCP server (or router, or , or, or ...) can cause some serious headaches.

You're on the right track, good work with your research/lab.

Post again if you need additional clarification.

Good Luck


CreatePlease to create content