HPE Community
Operating System - HP-UX
1833445 Members
3127 Online
110052 Solutions
New Discussion

Beginner subnet questions: e.g. why can every system ping every other system?

 
SOLVED
Go to solution
Ed Lawrence_1
Frequent Advisor

‎07-09-2002 05:36 AM

‎07-09-2002 05:36 AM

Beginner subnet questions: e.g. why can every system ping every other system?

In a lab room, I set up a number of 11.0 systems with 192.168.11.x IP addresses.
Each system has only one lan card.

The x values include: 2, 21, 67, 68, 69, 85, 102, 103, 180, and 182. There is a router with address of .100 outside of the room. I use that as the default gatway.
The above simple setup works fine as a pure local area network.
----------
I'm trying to learn subnetting. I decided to set up 2 subnets. I took 2 bits from the 4th octet. I set the netmask to 255.255.192.0.

ifconfig displays a netmask of ffffc000 and a broadcast of 192.168.63.255.

Questions:
1) Every system can still ping every other system. If the systems are on two dif subnets, shouldn't I now need to set up a system as a router?

2) I think, according to the literature that the valid host addresses should range from .65 through 126 and .129 through 190. Does this mean 1 through 64 should be invalid with this subnet setup? My systems with low numbers can still ping the higher numbers.

In short: I tried to set up 2 subnets, but it still acts like one network.

Perhaps someone can recommend a web site or literature that has an example I can follow, or maybe suggest where I may have gone wrong.

Thanks.
0 Kudos
8 REPLIES 8
Sridhar Bhaskarla
Honored Contributor

‎07-09-2002 05:55 AM

‎07-09-2002 05:55 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?

First of all, to setup two subnets, I would configure a mask of 255.255.255.128. This gives you network 63.0 with hosts from 1 to 126 and and 63.128 with hosts from 129 to 254.
You should not be able to ping from one subnet to the other as one falls in broadcast range in 63.127 and the other in 63.255.

With 255.255.192.0, the broadcast address becomes (192.168.127.255, someone pls help me with the calculation) for all your IPs and I am not surprized to see your results.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
harry d brown jr
Honored Contributor

‎07-09-2002 06:02 AM

‎07-09-2002 06:02 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?


Ed,

http://www.aplawrence.com/Unixart/net101.html

http://www.itpapers.com/cgi/PSummaryIT.pl?paperid=15233&scid=66

and HP has a few classes on networking:

http://education.hp.com/hp-uxnetworking.htm

live free or die
harry
Live Free or Die
0 Kudos
Ed Lawrence_1
Frequent Advisor

‎07-09-2002 07:36 AM

‎07-09-2002 07:36 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?

Hi, and thanks for replies. Here is an update.

BTW: I'm using the Sys Admin & Networking II book [from a friend] as a guide. On page 5-20 is a chart that summarizes the number of subnet and hosts available for various netmasks. I chose a netmask of .192 because I thought 192.168.11.x was class C (/24).

Confusion: The 255.255.255.128 netmask that was recommended is for /16. I don't yet understand about mixing /16 and /24. e.g. The chart says "9 subnet bits". I'm not sure how to even draw the bits for that.

Result of netmask change: If I used set_parms, the machine locked up. If I used ifconfig to set the netmask, it came back with "ifconfig %s bad value" and the machine locked.
Not sure what's going with that.


0 Kudos
Sridhar Bhaskarla
Honored Contributor

‎07-09-2002 08:17 AM

‎07-09-2002 08:17 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?

Hi,

Set the ndd parameter ip_check_subnet_addr to 0. This will disable verification of RFC1122 (it works for me here) by the system.


Yours is Class C. The default subnet mask in bits is

11111111.11111111.11111111.00000000

The number of subnets you get here (last octet is 2power0=1.

But you need two subnets means 2powerx=2.
So x becomes 1. So, I simply add 1 to the fourth octet to get 10000000 which is equivalent to 128.

If you wanted four subnets, x will be 2. So add two bits to get 11000000 that becomes 192. You can do logical "AND" with the subnet mask and the IP address to get the corresponding network.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Sridhar Bhaskarla
Honored Contributor

‎07-09-2002 08:18 AM

‎07-09-2002 08:18 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?

Hi,

Set the ndd parameter ip_check_subnet_addr to 0. This will disable verification of RFC1122 (it works for me here) by the system.

ndd -set /dev/ip ip_check_subnet_addr 0

Yours is Class C. The default subnet mask in bits is

11111111.11111111.11111111.00000000

The number of subnets you get here (last octet is 2power0=1.

But you need two subnets means 2powerx=2.
So x becomes 1. So, I simply add 1 to the fourth octet to get 10000000 which is equivalent to 128.

If you wanted four subnets, x will be 2. So add two bits to get 11000000 that becomes 192. You can do logical "AND" with the subnet mask and the IP address to get the corresponding network.

I would use ifconfig command to configure the IP after setting ndd parameter.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Sridhar Bhaskarla
Honored Contributor

‎07-09-2002 08:52 AM

‎07-09-2002 08:52 AM

Solution

Re: Beginner subnet questions: e.g. why can every system ping every other system?

Hi (again),

I looked at your last message again..

Theoritically both the subnets that you get with 128 netmask are not valid just because of the reason that the primitive router protocols could get confused. The first subnet confuses them with the whole network and the second one with the broadcast. This is not valid anymore on the modern implementations so you can cautiously use these subnet masks. If you want to follow the legal way, you will need to use 192 subnet mask (not in the third octet) to get four subnets with the first and the last being invalid. But with this way, you can only get half of the system covered. The bit notation for 128 subnet is /25 and for 192 is /26. If you want to devide a class C network, you *should* not be touching the third octet.

Here is a simple tutorial on Subnet Addressing.

http://www.networkcomputing.com/unixworld/tutorial/001.html

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Ed Lawrence_1
Frequent Advisor

‎07-09-2002 09:49 AM

‎07-09-2002 09:49 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?

Thank you Sridhar and Harry--it now works as expected.

I implemented the 255.255.255.192 subnet and the high end systems have a broadcast of 192.168.11.127 and the high end have a broadcast of 192.168.11.191.
The systems below .65 give an error when I try to configure them with the subnet mask (and this matches the theory).
The pings work as the book says they should.

I obviously misunderstood where to put the 192 in the subnet mask. I find the Sys Admin II course book a bit confusing, as in some places it uses /16 examples and others /24. Without an instructor, it's a bit harder to follow.

Harry, I have bookmarked the web sites you listed in your response.
Thanks again to all.
0 Kudos
Ed Lawrence_1
Frequent Advisor

‎06-24-2005 07:13 AM

‎06-24-2005 07:13 AM

Re: Beginner subnet questions: e.g. why can every system ping every other system?

(see above)
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.