Hi all, i have a damned doubt about subnet mask

For example i have to hosts with follow addresses connected directly with a simple cable:

A IP 10.124.8.1
A SUBMSK 255.255.252.0

B IP 10.124.11.2
B SUBMSK 255.255.252.0

It is clear that they are in the same subnet. Here below the explanation

A 10.124.8.1

A IP______ 00001010.01111100.000010|00.00000001
A SUBNMSK 11111111.11111111.111111|00.00000000


A SUBNET PORTION 00001010.01111100.00001000.00000000

B 10.124.11.2

B IP______ 00001010.01111100.000010|11.00000010
B SUBNMSK 11111111.11111111.111111|00.00000000


B SUBNET PORTION 00001010.01111100.00001000.00000000


It's clear that this 2 hosts can ping each other because the portions of the subnet are the same in both of them


NOW THE PROBLEM:

how is possible that these 2 hosts below can ping each other???i can't really understand!!
Look at their addresses and subnet masks

A IP 10.124.9.1
A SUBNMSK 255.255.255.0 (notice the third byte 255)

B IP 10.124.9.2
B SUBNMSK 255.255.252.0 (notice the third byte 252)

And now the same procedure:

A 10.124.9.1

A IP______ 00001010.01111100.00001001|.00000001
A SUBNMSK 11111111.11111111.11111111|.00000000


A SUBNET PORTION 00001010.01111100.00001001.00000000

B 10.124.9.2

B IP______ 00001010.01111100.000010|01.00000010
B SUBNMSK 11111111.11111111.111111|00.00000000


B SUBNET PORTION 00001010.01111100.00001000.00000000


As you can see in this case the subnet portions are different. How is possible that they are still able to ping each other? i can't really understand.

Thanks to all

Probably because there both in the 10.124.9 subnet.

CompA with a third byte of 255 will only be able to see machines in the same subnet.

CompB with a third byte of 252 will able to see all machines in subnet 9 and all other subnets allowed by the 252 netmask (not exactly sure which ones i always get confused at that stage).

Edit: After a little research with a third byte of 252 CompB will see all computers with ips of 10.124.8.1 to 10.124.11.254

The A network, 10.124.9.1/255.255.255.0 has ips in the range: 10.124.9.1 to 10.124.9.254.

The B network, 10.124.9.2/255.255.252.0 has ips in the range:
10.124.8.1 to 10.124.11.254

So the A network is a sub space of B (which is larger than A). The A network is part of B address space.

To avoid two networks to talk each other they must have a separated address space.

cheers,

I do know how they are able to ping in any case - since you are using plain/simple network cable - that too directly plugged . Probably I am missing something.

Yes but look at it from bynary view instead from number view

if you look at the line which separe subnet portion from host portion, it's clear that host B has a different subnet portion

so teorically when they control their subnet mask to understand what is subnet in binary form they find that one is on 10.124.9.0 and the other one in 10.124.8.0


And like you have said, the fact that 10.124.8.0/22 include 10.124.9.0, 10.124.10.0, and 10.124.11.0 until 10.124.11.255 is right, but only because 9 is composed by 8 (net id) + 1 (host id), 10 is composed by 8 (net id) + 2 (host id), 11 is composed by 8 (net id) + 2 (host id) + 1 (host id). So basically all these numbers has always 8 as net id. But in my case is very strange because for the host A yes, we have 9, but this 9 is composed by
8 (net id) + 1 (again net id) and not by 8 (net id) + 1 (host id) because the third byte is 255 and not 252.

If both have the third byte set to 252 then the rule of 10.124.8.0 to 10.124.11.255 applies well, but having different byte causes a lot of doubt in my head

I am very confused....

**************************
FINALLY I HAVE UNDERSTOOD


Ok guys thanks for the help i have now understood. The truth is that the host completely ignore that a number like 9 can be composed by
a net id portion and by an host id portion

The rule is simple, if both hosts ip exist in both ranges, also if the subnet masks are different, then the hosts can ping each other.

I think that i can call this phenomenon OVERLAPPING, a word already used also to indicate a badly configuration of 2 dhcp serving the same subnet, allowing them to lease same ip range, and causing duplicate ip problem appears.


I have done different tests and this rule applies very well

Thanks all for the help , now the sky in my head is clear again

Oh, I understand your question now.

Well there is nothing wrong with that. I mean, when you ping the google.com, 216.239.37.104, the google's server is getting an ip packet from your valid external ip address, what is in a very different network. And, it answers back to you, and your machine receives a packet from 216.239.37.104 which is, again, in another network you are. There is no checking against the source address, just the destination adddress in the packet matter.

Subneting is used only for routing decision. There is no subnet mask info in the ip packet. Just the source and destination ip addresses.

If a packet with src=10.124.9.1 and dst=10.124.8.1 manage to reach the 10.124.8.1 interface, than the packet is accepted, no matter which is source address.

So, the answer is routing.
What is the routing table in both machines ?
How they are interconnected ?

mhmm no Marozsas the thing you are explaining is correct but it applies to hosts connected by routers. Thanks to routers they can communicate in the right manner even if they are in different subnets

My question is related to 2 hosts connected each other for example with a cross cable


However i clearly understood that the problem i have exposed is related only to LAN where someone try to connect togheter hosts with different subnet masks, but again, just keep in mind the rule:

EVEN WITHOUT A ROUTER, 2 host connected directly can ping each other if their ip addresses are respectively in both range of the 2 subnets where they are, even with a different subnet and subnet masks.
So doing another example (i have already tried it and it works):

host a: 10.124.9.1
255.255.252.0

the subnet where it is connected is 10.124.8.0

host b: 10.124.11.200
255.255.0.0

the subnet where it is connected is 10.124.0.0

NOTE: both hosts connected by hub without any router.

In this case even if the 2 subnets and subnet masks are very different, these 2 hosts can ping each other because the address 10.124.9.1 of host a, exists in the subnet 10.124.0.0/16 where host b is, and viceversa, the address 10.124.11.200 of host b exists in the subnet 10.124.8.0/22 where host a is.


CONCLUSIONS

So concluding, you guys are right, your first posts are right, both Marozsas and Okmyx, and again, this rule seems to applies well

Hi Berkut83,

I still think the reason is another: routing.
The address are in different networks. Without routing is impossible they reach each other.

Even without a router, 2 host connected directly can ping each other if there is a route (not a router) to the other network.

In the host A (10.124.9.1) if there is a route to B, and in host B, if there is a route to A (10.124.11.200) then both hosts will ping each other, even they are connected by a twisted cable or by a HUB.
To make the things more clear, the above still true if A is something like 10.0.0.1/24 and B is 172.17.0.1/24 - _and_ there is a proper route table in both machines.

What I did:
In host A
In host B
In host A
In host B
This is fine because they are in different subnets.
Now, if I add routing information to host A:

Note there is no need to add routing info to host B because B network already have the A's network.

That is my point. They are in different networks and they can ping each other if, and only if, there is routing information to do that.

Try to remove your routing table. I beat you can not get A to ping B or vice-versa anymore.

What you expected was that the two systems would not ping each other? Assuming they were on the same layer 2 network, both of them think the other is also on it's same IP network as well. The netmask actually defines what that host thinks is local and what it thinks is not local, so:

A IP 10.124.9.1
A NETMASK 255.255.255.0 (notice the third byte 255)
A IP______ 00001010.01111100.00001001|.00000001
A NETMASK 11111111.11111111.11111111|.00000000
A SUBNET PORTION 00001010.01111100.00001001.00000000

B IP 10.124.9.2
B NETMASK 255.255.252.0 (notice the third byte 252)
B IP______ 00001010.01111100.000010|01.00000010
B NETMASK 11111111.11111111.111111|00.00000000
B SUBNET PORTION 00001010.01111100.00001000.00000000

This is what you posted and it is all correct, however when A tries to ping B it looks at B's address and uses *it's* netmask to see if B is local:

A NETMASK 11111111.11111111.11111111|.00000000
B IP______ 00001010.01111100.00001001.00000010
SUBNET PORTION 00001010.01111100.00001001.00000000
(it thinks B is on the same subnet!)

Once it thinks B is on the same IP subnet as it, it will send a direct communication to B without trying to use a router. The same is true for B trying to ping A:

B NETMASK 11111111.11111111.111111|00.00000000
A IP______ 00001010.01111100.00001001.00000001
SUBNET PORTION 00001010.01111100.00001000.00000000
(it thinks A is on the same subnet!)

I hope that clarifies this some.

X MAROZSAS

Sorry to say this marozsas, but i have connected 2 pc directly and yes, they can ping even with that configuration i have post, with no need to insert a router between them.
I have checked and both routing tables are clean, and yes, they can ping, believe it or not, or better, try to take a cross cable and try it yourself,connect 2 machines, they will ping each other, i have simply tried it instead of only say it.

So after tried, if it works, there is no doubt that it's true

Here for you

*********************ROUTING TABLES AND PING TRIES******************


********************************************************************
********************************************************************
FIRST MACHINES WINDOWS XP 10.124.11.200 with 255.255.0.0

NOTE: is italian version, in italian NOTHING is NESSUNO,
_______ELENCO INTERFACCE is INTERFACE LIST and REPLY is RISPOSTA


Microsoft Windows XP [Versione 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.


C:\Documents and Settings\Berkut83>route print 10.124.9.1


Route attive:
Nessuno
Route permanenti:
Nessuno



C:\Documents and Settings\Berkut83>ping 10.124.9.1

Esecuzione di Ping 10.124.9.1 con 32 byte di dati:

Risposta da 10.124.9.1: byte=32 durata<1ms TTL=64
Risposta da 10.124.9.1: byte=32 durata<1ms TTL=64
Risposta da 10.124.9.1: byte=32 durata<1ms TTL=64
Risposta da 10.124.9.1: byte=32 durata<1ms TTL=64

Statistiche Ping per 10.124.9.1:
Pacchetti: Trasmessi = 4, Ricevuti = 4, Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
Minimo = 0ms, Massimo = 0ms, Medio = 0ms

C:\Documents and Settings\Berkut83>


*********************************************************************
*********************************************************************


SECOND MACHINE LINUX RED HAT ENGLISH 10.124.9.1 with 255.255.252.0


Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.124.8.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.255.255.254 0.0.0.0 UG 0 0 0 eth0

[root@linux network-scripts]# ping 10.124.11.200
PING 10.124.11.200 (10.124.11.200) 56(84) bytes of data.
64 bytes from 10.124.11.200: icmp_seq=0 ttl=128 time=0.132 ms
64 bytes from 10.124.11.200: icmp_seq=1 ttl=128 time=0.114 ms
64 bytes from 10.124.11.200: icmp_seq=2 ttl=128 time=0.108 ms
64 bytes from 10.124.11.200: icmp_seq=3 ttl=128 time=0.106 ms

--- 10.124.11.200 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3012ms
rtt min/avg/max/mdev = 0.106/0.115/0.132/0.010 ms, pipe 2
[root@linux network-scripts]#

*******************************************************************
*******************************************************************


As you can see in routing table there are no router addresses, but simply because there is no phisical router between them



_

Hey Berkut83

But there is a route in RedHat machine to the other network ! From your own data:
You see the routing info in the last line ?

That is I am talking. Without that route, there is no way to one machine communicates with the other one.

Hey Darin, thanks for join in this discussion,

Darin, I think you are wrong.
If two machines have different networks they can not communicate which other without a router (or a route). There is no exception to this very basic rule.

From your own post, it is clear A and B are two distinct networks:

As you can see in my experiment, They only ping each other after I install a route.

And as you can see in my last post to Berkut83, in fact, there is a route to the another network in the redhat machine, (based on own Berkut83's output) what explains why they ping each other.

I did a experiment to be sure I am not making any mistakes. Review my previous post, please, and tell me if you can find anything wrong with that, ok ?


cheers,

X MAROZSAS:

No Marozsas, that is the route for ITS network and NOT for XP network which is 10.124.0.0.
So this is NOT the route line it needs, but it is the standard line for the network where simply it is situated, which is 10.124.8.0.
In fact as you can see, is there maybe a valid gateway address to that line 10.124.8.0??? No, as you can see, it is simply 0.0.0.0 which means that linux can reach every machine in that range without using any gateway, in fact 0.0.0.0 is absolutely not a phisical gateway address, because i repeat, there is absolutely NOT a router between these 2 machines. They are connected directly, trust me, i have personally connected them without any router. I don't have any router, i have never bought a router in any computer shop.

Simply, at my home there are no routers! .

If you don't believe me i can do a digital photo showing
that these 2 machines are connected directly with a cross cable
without using a router!!! the cable exit from a network card,
and enter immediately in the other network card

If they ping each other, then they ping each other, no way.

Hey guys, I'm sorry but I am lost here.

When I setup one machine as 10.124.8.1/255.255.252.0 and other as 10.124.9.1/255.255.255.0 they was not able to ping each other, as expected, because they are in differente networks. It just happened after I add a route to the other network.

I redo the experiment this morning but now, I setup the first as 10.124.9.2/255.255.252.0, and for my surprise, it can ping 10.124.9.1/255.255.255.0 even they are in different networks !

What surprised me is the addresses 10.124.9.2/255.255.252.0 and 10.124.8.1/255.255.252.0 are in the same network, and them, does not matter which address I pick in the range 10.124.8.1 to 10.124.11.254. But obviously, something is different, but it escapes me.
An address at the end of range, e.g. 10.124.11.254, can not ping 10.124.9.1 too, as expected.

So, there is a exception for that network rule which says that a machine can connect directly to other only if they have the same network address ? Here we have a situation where machines in different networks can ping each other, since both are in the overlap address space ?

never heard about. In my opinion this is a bug.

Anyway, this was a good thread,
Nice to talk with all of you,