Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

EIGRP

Hi,

I have 3750 used as core for routing.I have multiple VLANs configured and used EIGRP as my routing.

***

!

!

interface Vlan10

ip address 192.16.0.2 255.255.224.0

no ip unreachables

router eigrp 172

network 192.16.0.0

no auto-summary

no eigrp log-neighbor-changes

!

!

My problem is that hosts connected to

to VLANs can still used the network even if their subnet mask is change to /16.I using /19 for all network.Please,any advice..

5 REPLIES
Purple

Re: EIGRP

I am assuming you are saying that you changed the subnet mask for your hosts from /19 to /16...

If you do this, the following will happen:

- to reach other subnets of 192.168.0.0 (for example, an address of 192.168.100.1) the hosts would have previously used the 3750 (as a gateway)

- with the /16 mask, the hosts will believe all addresses within 192.168.0.0/16 are directly connected and will ARP for them

- since proxy ARP is turned on by default, the 3750 will respond to these ARPs, sending its own MAC address for these addresses.

Therefore, everything will still work. However, this config is sub-optimal and should be fixed to use the right masks.

Have I answered your question.

Pls rate the post if it helps.

Paresh.

New Member

Re: EIGRP

Hi,

Thanks, my interface vlan belongs to 172.17.0.0/19(my actual IP Block)with interface ip add of 172.17.0.1/19 and as a gateway for hosts that belong to that vlan.i want that all hosts on that VLAN can "only connect" if using /19.But host can still use the network even if i change the host subnet mask to /16.If i will disable the proxy ARP how does it affect the scenario?

Thanks

Purple

Re: EIGRP

If you disable proxy-arp, all that will prevent is the ability of the hosts using the /16 mask to communicate with other addresses within the 172.17.0.0/16 (i.e IP addresses outside the first /19)

However, if you want to stop hosts that are using a /16 mask from communicating with any remote addresses at all, you simply cannot do it this way. No matter what the subnet mask on a host is, when it sends an IP packet it will use its IP address as the source address in the IP packet. There is absolutely no indication of subnet mask at all so you simply cannot filter on the basis of that.

May I ask what your reasoning for doing this is ? Maybe there is another solution to achieving what you want.

Paresh.

New Member

Re: EIGRP

hi,

Thank you very much.All i need is my hosts to use the /19 mask since all network is in /19.I decided to disable the proxy-arp

Purple

Re: EIGRP

Excellent.

Pls do rate the posts you found useful.

Regards,

Paresh.

122
Views
3
Helpful
5
Replies
CreatePlease to create content