Solved: Correct workstation endpoint subnet mask?...

jmaxwellUSAF · ‎02-06-2023

I'm embarrassed to ask this, but I need to confirm...

1. What is the difference between configuring a workstation endpoint with a /24 or /32 subnet mask?

2. Does workstation endpoint 10.0.0.77/32 on network 10.0.0.0/24 receive its /24 network broadcasts?

(This is a curiosity because ACL's use "host 10.0.0.77", which means /32.)

Thank you.

Joseph W. Doherty · ‎02-06-2023

"(This is a curiosity because ACL's use "host 10.0.0.77", which means /32.)"

Yes and no. Yes, a host IP is a /32, but an ACL's mask doesn't have to mean an host IP is a host IP. Hopefully what follows will try to clarify this point.

Understand, a mask, in an ACL, can be applied without regard to network vs. host number. I.e. where /16, would indicate an IP address is split 16 bits for the network number, and 16 bits for the host number, and uses a mask of 255.255.0.0, in an ACL you could use a mask value of 255.0.255.0,1.2.4.8, etc. Of course, these later masks wouldn't be used for just separating an IP into its network and host numbers. I.e. if for whatever reason if I wanted to use a mask of 255.255.255.255, I could use the "host" parameter. (In fact, I have a very hazy recollection [???], that earlier on there wasn't a "host" option.)

"1. What is the difference between configuring a workstation endpoint with a /24 or /32 subnet mask?"

I believe the /32 implies the host and network numbers are one and the same. I.e. in a route table you can have /32 networks, which are also the host's address. (Technically, you could also argue there's no host number, within such a network.)

"2. Does workstation endpoint 10.0.0.77/32 on network 10.0.0.0/24 receive its /24 network broadcasts?"

I would not expect it to receive larger address block network broadcasts, as, for example, the two /25s within a /24 address block do not obtain network broadcasts directed to the /24, although if the /24 is advertised as an aggregate for one or both the subordinate /25s, the network broadcast may be forwarded toward the /24 aggregate until it's found there is no actual /24 network (i.e. it's an aggregate).

View solution in original post

Joseph W. Doherty · ‎02-06-2023

"(This is a curiosity because ACL's use "host 10.0.0.77", which means /32.)"

Yes and no. Yes, a host IP is a /32, but an ACL's mask doesn't have to mean an host IP is a host IP. Hopefully what follows will try to clarify this point.

Understand, a mask, in an ACL, can be applied without regard to network vs. host number. I.e. where /16, would indicate an IP address is split 16 bits for the network number, and 16 bits for the host number, and uses a mask of 255.255.0.0, in an ACL you could use a mask value of 255.0.255.0,1.2.4.8, etc. Of course, these later masks wouldn't be used for just separating an IP into its network and host numbers. I.e. if for whatever reason if I wanted to use a mask of 255.255.255.255, I could use the "host" parameter. (In fact, I have a very hazy recollection [???], that earlier on there wasn't a "host" option.)

"1. What is the difference between configuring a workstation endpoint with a /24 or /32 subnet mask?"

I believe the /32 implies the host and network numbers are one and the same. I.e. in a route table you can have /32 networks, which are also the host's address. (Technically, you could also argue there's no host number, within such a network.)

"2. Does workstation endpoint 10.0.0.77/32 on network 10.0.0.0/24 receive its /24 network broadcasts?"

I would not expect it to receive larger address block network broadcasts, as, for example, the two /25s within a /24 address block do not obtain network broadcasts directed to the /24, although if the /24 is advertised as an aggregate for one or both the subordinate /25s, the network broadcast may be forwarded toward the /24 aggregate until it's found there is no actual /24 network (i.e. it's an aggregate).