- Posts: 81
- Thank you received: 0
crazy subnetting question?
17 years 11 months ago #19226
by Brandonh
crazy subnetting question? was created by Brandonh
This may seem a little crazy but its something to think about let me know your thoughts.
Would theese computers beable to communicate why or why not ?
172.16.35.20 255.255.192.0
172.16.40.25 255.255.224.0
Obviously they have differnt subnet masks however theese two specific ip address in theese subnets are in the same ip range.
172.16.35.20/18 would be 172.16.0.0-172.16.64.0
172.16.40.25/19 would be in the 172.16.32.0 - 172.16.64.0
If they were not segmented but on the same physical lan do you think they could communicate ? why or why not ?
What if they were segmented but the router was in that same range suppose it was 172.16.36.5 ? why or why not ?
Or what if the segments were bridged then what ?
Would theese computers beable to communicate why or why not ?
172.16.35.20 255.255.192.0
172.16.40.25 255.255.224.0
Obviously they have differnt subnet masks however theese two specific ip address in theese subnets are in the same ip range.
172.16.35.20/18 would be 172.16.0.0-172.16.64.0
172.16.40.25/19 would be in the 172.16.32.0 - 172.16.64.0
If they were not segmented but on the same physical lan do you think they could communicate ? why or why not ?
What if they were segmented but the router was in that same range suppose it was 172.16.36.5 ? why or why not ?
Or what if the segments were bridged then what ?
17 years 11 months ago #19228
by Dove
Dove
Replied by Dove on topic Re: crazy subnetting question?
Hi Brabdonh,
Here nothing to be crazy thing...if we understood the subnetting...
The packet will travel to its respective destination based on its Network and Broadcast address.
In your Scenario
IP: 172.16.35.20 255.255.192.0
Network Add: 172.16.0.0
BroadCast Add: 172.16.63.255
Host IPs: 172.16.0.1 - 172.16.63.254
IP : 172.16.40.25 255.255.224.0
Network Add: 172.16.32.0
Brdcast Add :172.16.63.255
Host IP: 172.16.32.1 - 172.16.63.254
here subnet clause is happening so you couldn't apply this subnets on same time. Because either of the subnets useing its own N/W and Brd address to communicate within its subnets...hence as it creating a IP clauses between these subnets it wont all you to implement on same LAN..
Hope it may helps you.
Cheers,
Here nothing to be crazy thing...if we understood the subnetting...
The packet will travel to its respective destination based on its Network and Broadcast address.
In your Scenario
IP: 172.16.35.20 255.255.192.0
Network Add: 172.16.0.0
BroadCast Add: 172.16.63.255
Host IPs: 172.16.0.1 - 172.16.63.254
IP : 172.16.40.25 255.255.224.0
Network Add: 172.16.32.0
Brdcast Add :172.16.63.255
Host IP: 172.16.32.1 - 172.16.63.254
here subnet clause is happening so you couldn't apply this subnets on same time. Because either of the subnets useing its own N/W and Brd address to communicate within its subnets...hence as it creating a IP clauses between these subnets it wont all you to implement on same LAN..
Hope it may helps you.
Cheers,
Dove
17 years 11 months ago #19231
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: crazy subnetting question?
Yes, I tried it and it works!. I've set the two IPs and mask on two different PC on the same switch and they can ping each other.
I think this is what is happening, the 172.16.35.20/18 subnet contains the 172.16.40.25/19 subnet. A PC on the /18 will always think the other PC on the /19 is part of it's subnet, so when it sends a packet, it will forward it dirrectly (ARPing and finding it's MAC) without forwarding to the router.
However, when the other PC replies it will not necessarily see the sender PC from the /18 as part of it's /19 subnet. But in your case here it happens that the 172.16.35.20 (the sender) also lies within the 172.16.40.25/19 subnet. The replier (172.16.40.25) will also see sender as part of it's sub. and will forward directly.
Vise versa will also work, As far as I know.
I think this is what is happening, the 172.16.35.20/18 subnet contains the 172.16.40.25/19 subnet. A PC on the /18 will always think the other PC on the /19 is part of it's subnet, so when it sends a packet, it will forward it dirrectly (ARPing and finding it's MAC) without forwarding to the router.
However, when the other PC replies it will not necessarily see the sender PC from the /18 as part of it's /19 subnet. But in your case here it happens that the 172.16.35.20 (the sender) also lies within the 172.16.40.25/19 subnet. The replier (172.16.40.25) will also see sender as part of it's sub. and will forward directly.
Vise versa will also work, As far as I know.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
17 years 11 months ago #19233
by TheBishop
Yes this sort of thing will work, and it works because each machine simply applies the logic we all know and love when considering how to forward the packet - if mysubnet mask indicates the destination is on my network then I'll attempt to deliver it locally, otherwise I'll forward it to my default gateway or to a specific gateway for the distant network if I have a suitable entry in my routing table. The fact that the two subnet masks aren't the same doesn't matter - it's the local on on each machine that is used when determining how to route.
In practical terms this can get interesting. You can have a machine on a real network with an incorrect subnet mask that still works fine, or works fine to one group of machines (IP addresses) but not to another, or that doesn't work at all. And you can get crazy situations like a ping packet being correctly routed from origin to target but then being misrouted by the target (or some device in between) due to a subnetting error and going off to goodness knows where instead of back to the origin. Bear this in mind - just because a ping fails doesn't always mean the target machine is down..
In practical terms this can get interesting. You can have a machine on a real network with an incorrect subnet mask that still works fine, or works fine to one group of machines (IP addresses) but not to another, or that doesn't work at all. And you can get crazy situations like a ping packet being correctly routed from origin to target but then being misrouted by the target (or some device in between) due to a subnetting error and going off to goodness knows where instead of back to the origin. Bear this in mind - just because a ping fails doesn't always mean the target machine is down..
17 years 11 months ago #19240
by Brandonh
Replied by Brandonh on topic Answer to the question
Its always fun thinking of theese things i came up with this question because me and some friends were practicing our subnetting and we thought this would be a interesting question.
IF you perform the boolean function
172.16.35.20
255.255.192.0
It would show the subnet as 172.16.0.0 and begin at 172.16.0.1 end at 172.16.63..254.
If you did it again with the destination IP
172.16.40.25
255.255.192.0
it would show it in the same subnet. so by taking the destination ip address and doing the boolean function you can see how it sees it as part of its own network.
If you were to do the same thing with the other pc
172.16.40.25
255.255.224.0
subnet would be 172.16.32.0 beginning at 172.16.32.1 and ending at 172.16.63.254.
and the destination address 172.16.35.20
172.16.35.20
255.255.224.0
would show the
subnet would be 172.16.32.0 beginning at 172.16.32.1 and ending at 172.16.63.254.
Hence they would believe they were in the same network. and then foward based upon mac address through arp.
IF you perform the boolean function
172.16.35.20
255.255.192.0
It would show the subnet as 172.16.0.0 and begin at 172.16.0.1 end at 172.16.63..254.
If you did it again with the destination IP
172.16.40.25
255.255.192.0
it would show it in the same subnet. so by taking the destination ip address and doing the boolean function you can see how it sees it as part of its own network.
If you were to do the same thing with the other pc
172.16.40.25
255.255.224.0
subnet would be 172.16.32.0 beginning at 172.16.32.1 and ending at 172.16.63.254.
and the destination address 172.16.35.20
172.16.35.20
255.255.224.0
would show the
subnet would be 172.16.32.0 beginning at 172.16.32.1 and ending at 172.16.63.254.
Hence they would believe they were in the same network. and then foward based upon mac address through arp.
17 years 11 months ago #19243
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: crazy subnetting question?
Brandonh,
Great observation however be careful. What you are saying is correct if both machines are on the same switch, in the same VLAN. In reality, the different subnets would be seperated by routers (or VLAN's using intervlan routing) and as such it may not even get passed to the routers since it would beleive that they are on the same subnet and hence you would get into serious issues.
Its great for testing (and playing around with) but not to be setup in a live network environment as it would cause headache in troubleshooting
Cheers
Great observation however be careful. What you are saying is correct if both machines are on the same switch, in the same VLAN. In reality, the different subnets would be seperated by routers (or VLAN's using intervlan routing) and as such it may not even get passed to the routers since it would beleive that they are on the same subnet and hence you would get into serious issues.
Its great for testing (and playing around with) but not to be setup in a live network environment as it would cause headache in troubleshooting
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.133 seconds