Networking – Implications of incorrectly configured subnet mask / gateway

networking

I have recently done an upgrade on a Cisco 2520. As part of the upgrade an SVI was added to the switch to allow a VLAN to route locally, which was previously done at another switch (via a trunk). The SVI had the following parameters:

Network Addr: 192.168.65.96
Subnet Mask: 255.255.255.248
SVI Addr: 192.168.65.102

There were two devices on this subnet and, when the change was made, both devices were still able to communicate with the remote network even though the default gateway and subnet mask were 192.168.65.1 / 255.255.255.0 respectively.

Subsequent to this, while monitoring, I lost communications to one of the devices; however, the other remained online. I rectified the problem by correctly configuring the subnet mask and default gateway on both devices, but I was wondering if anyone could explain why I was able to communicate with one device and not the other even though both devices had incorrectly configured subnet masks / default gateways?

Thanks!

Best Answer

Generally hosts follow one basic rule when deciding where to send packets (at L2 / MAC layer):

  • Is the destination IP in the same subnet? (according to my netmask)
    • If yes, resolve its MAC (via ARP) and send the packet directly to that host.
    • If not, resolve the gateway's MAC and send the packet via that gateway.

So misconfiguring the gateway might go unnoticed because:

  • If both hosts are within the same subnet (according to each other's netmask), the gateway's IP address is not used at all. It might even be unset.

Misconfiguring the netmask (or prefix length) can have these results:

  • If the netmask is wider than it should be (i.e. prefix length is shorter), hosts within the same subnet will still be able to communicate, because the "Same subnet?" check still won't fail.

    However, it will prevent communications with hosts which the netmask covers but isn't supposed to, because the host will try to ARP-resolve an address which is physically elsewhere. (Due to the wrong netmask, it will think the destination host is local.)

    But communications may still be possible if the gateway implements Proxy ARP and answers those ARP requests on behalf of the "other side". This is sometimes done as part of client isolation done by ISPs, or as an interim step in splitting a large subnet into several. (Indeed, proxy ARP was used to split classful networks before subnets were invented.)

  • If the netmask is too narrow (prefix length too large), it's the opposite: communications within the subnet will be affected, because the host mistakenly thinks it needs to use the gateway.

    Note that this won't necessarily prevent communication (as the gateway will just route the packet back to the same subnet), just make it much less efficient.

    (The gateway might also send you ICMP "Redirect" packets informing you that a direct path exists; some operating systems will automatically update their routing table upon receiving this.)

  • Unless, that is, you have a combination of too narrow netmask and wrong gateway. That would entirely prevent communications to affected hosts.


Note: In this post, "router" and "gateway" (synonymous) refer to the logical node (which speaks IP, contains a routing table, and connects multiple IP-based networks), and not to the physical device. If you use a combined router/switch, then data going through the switch ports does not necessarily go through the router core, so for purposes of the above explanation you should treat it as two devices.
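The forwarding rule above, modelled as a small simulation (added example, not part of the original answer): a host picks the address it will ARP for from its own netmask and gateway, and the frame only goes anywhere if something on the shared VLAN answers that ARP. The SVI address and /29 come from the question; the two device addresses (.97, .98), the "remote" host 10.1.1.1 and the off-segment host 192.168.65.50 are constructed, and Proxy ARP on the SVI is optional to show the case the answer describes.

```python
from ipaddress import ip_address, ip_interface

# Constructed picture of the VLAN's wire: only these addresses answer ARP.
# The SVI is 192.168.65.102 (from the question); .97/.98 are the two devices
# (assumed). The old gateway 192.168.65.1 is no longer on this segment.
ON_SEGMENT = {"192.168.65.97", "192.168.65.98", "192.168.65.102"}


def next_hop(host_ip, prefix_len, gateway, dst):
    """Return (kind, address) the host will ARP for when sending to dst.

    The 'same subnet?' test uses the host's *own* netmask, right or wrong.
    """
    iface = ip_interface(f"{host_ip}/{prefix_len}")
    if ip_address(dst) in iface.network:
        return "direct", dst      # thinks dst is local: ARP for dst itself
    return "gateway", gateway     # thinks dst is remote: ARP for the gateway


def can_reach(host_ip, prefix_len, gateway, dst, proxy_arp=False):
    """Return (reachable, reason) for one host/config/destination.

    proxy_arp models the SVI answering ARP on behalf of addresses that are
    not on the wire but that it can route to (the 'other side').
    """
    kind, hop = next_hop(host_ip, prefix_len, gateway, dst)
    if hop in ON_SEGMENT:
        # 'gateway' here with an on-segment dst is the too-narrow-netmask
        # case: it works, but every packet takes a detour via the SVI.
        return True, f"{kind}: ARP for {hop} answered on the segment"
    if proxy_arp:
        return True, f"{kind}: SVI proxy-ARPs on behalf of {hop}"
    return False, f"{kind}: ARP for {hop} goes unanswered"


if __name__ == "__main__":
    cases = [
        ("as left after the change", ("192.168.65.97", 24, "192.168.65.1", "10.1.1.1")),
        ("corrected config",         ("192.168.65.97", 29, "192.168.65.102", "10.1.1.1")),
        ("mask too wide, local peer",("192.168.65.97", 24, "192.168.65.1", "192.168.65.50")),
        ("mask too narrow",          ("192.168.65.98", 31, "192.168.65.102", "192.168.65.97")),
        ("too narrow + wrong gw",    ("192.168.65.98", 31, "192.168.65.1", "192.168.65.97")),
    ]
    for label, args in cases:
        for proxy in (False, True):
            ok, why = can_reach(*args, proxy_arp=proxy)
            print(f"{label:28} proxy_arp={proxy!s:5} -> {ok!s:5} ({why})")
```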
