11-10-2021 08:27 AM - edited 11-10-2021 08:29 AM
My friend told me that at work they always use this kind of subnetting. He said all devices can reach the router this way, but in CCNA I was never taught this way.
11-10-2021 08:33 AM
Router subnet as the whole network?
This depends on what network and what subnet mask we are looking at.
In most cases /24 will be used, or more.
11-10-2021 08:45 AM
I mean in the picture topology, if we set the router interface IP address to 192.168.1.1 /26 and the core switch to 192.168.1.2 /26,
other subnets can't reach the router without adding a routing protocol, right? That's how we were taught in CCNA; I never thought about the router subnet having a broader reach.
11-10-2021 09:00 AM
Hello,
it is difficult to tell from the picture how the router and the switch are configured. Is this a router-on-a-stick setup (with the router having subinterfaces for each VLAN), or is the switch a layer 3 switch that does the routing?
11-10-2021 09:28 AM - edited 11-10-2021 09:33 AM
Hello
@enzo80 wrote:
I mean in the picture topology if we set the router interface ip address : 192.168.1.1 /26 and core switch 192.168.1.2 /26
other subnets cant reach the router without adding routing protocol right?
If you have other subnets other than a single /26 on the core then yes, you are correct, as the rtr needs to know about them. However, if you have just the one /26 shared by all, then users in this subnet will be able to reach each other, the core and rtr, and for such a small network it wouldn't be bad practice; however, I would personally still split it down.
11-11-2021 01:57 AM
In short, if they belong to the /26 network they will; if they go beyond that subnet, that needs to be corrected.
Take an example: if you have /24 configured on that network and any device is configured by mistake with /26, it can still reach, since it is within the /24,
not the other way around... make sense?
11-10-2021 10:34 AM
"My friend told me at work they always use this kind of subnetting . . ."
Rather unusual, not something I would recommend.
". . . he said all devices can reach the router this way . . ."
As @Georg Pauwen noted, diagram is lacking some key information.
On a shared wired (broadcast domain) you could have the router using a /24 and hosts partitioned into one of the four /26s (within the scope of the /24 - that's important!); it should work. Hosts in one /26 trying to communicate to another /26 will treat such as "off the local network". If they don't have a gateway defined, they would just ARP for destination, which should see ARP and respond. Router should be set up for proxy, but it won't respond for the /26s within its /24. (Of course, for traffic between the /26s, router is actually being bypassed, much the same as if all the hosts were defined in the /24. About the only advantage of doing this, that immediately comes to mind, subnet broadcasts would be ignored if host isn't in the same /26.)
If they had a gateway defined, hosts should send to gateway IP and the router, I believe (assuming not configured to do so), should reply with a redirect (because it "sees" all the /26s in the same subnet, its /24).
Router sending to any of those /26s would ARP.
However, diagram shows VLAN too, and how they are set up can make or break this from working. (Actually, off the top of my head, cannot see how to make it work with VLANs.) From diagram, how does router have "foot" in the four VLANs (10, 20, 30, 40) using a single /24 IP? Perhaps router has four interfaces bridging across all four VLANs, but that sort of defeats having VLANs.
Years ago, was in an environment where we had to do something like this for a "backup" network. It was so long ago, don't remember details, but do recall backup device used larger subnet to encompass multiple host subnets.
11-11-2021 04:05 AM - edited 11-11-2021 04:06 AM
Sorry, I forgot to include the configs:
core switch config:
CORE#show run
Building configuration...
Current configuration : 2297 bytes
!
version 16.3.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname CORE
!
!
!
!
ip dhcp pool vlan-20
network 192.168.1.64 255.255.255.192
default-router 192.168.1.65
ip dhcp pool vlan-30
network 192.168.1.128 255.255.255.192
default-router 192.168.1.129
ip dhcp pool vlan-40
network 192.168.1.192 255.255.255.192
default-router 192.168.1.193
!
!
!
no ip cef
ip routing
!
no ipv6 cef
!
!
!
!
!
!
!
!
!
!
!
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/4
switchport access vlan 10
switchport mode access
switchport nonegotiate
spanning-tree portfast
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
mac-address 0009.7c01.0301
ip address 192.168.1.3 255.255.255.192
!
interface Vlan20
mac-address 0009.7c01.0302
ip address 192.168.1.65 255.255.255.192
!
interface Vlan30
mac-address 0009.7c01.0303
ip address 192.168.1.129 255.255.255.192
!
interface Vlan40
mac-address 0009.7c01.0304
ip address 192.168.1.193 255.255.255.192
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
!
line con 0
logging synchronous
!
line aux 0
!
line vty 0 4
login
!
!
!
!
end
Router config:
Router>
Router>en
Router#show run
Building configuration...
Current configuration : 704 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO2911/K9 sn FTX1524950Z-
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
access switches only have vlans
11-11-2021 04:59 AM
Hello,
that configuration indeed works.
What did they tell you during the CCNA class/course with regard to configuring that kind of topology? I guess typically, for any L3 link, you would usually configure a separate subnet. Both would work in your case.
11-11-2021 06:07 AM - edited 11-11-2021 06:09 AM
Hello
Your configuration as it is WON'T work, because the rtr doesn't have any idea how to reach the core switch vlans and has no idea how to reach non-LAN traffic (internet/wan etc.). Also, the core switch doesn't have any route egress towards the rtr for non-LAN traffic.
You need to either apply an IGP routing process (rip/eigrp/ospf) or apply static routing, and if the rtr is internet facing then you would also need to apply Network Translation (NAT) so LAN traffic has access to the internet.
11-11-2021 07:15 AM
Hi
I agree with Paul, there is no routing to unknown networks here, so nothing can leave this environment. But what happens inside this network?
If hosts on networks 20, 30 and 40 want to speak with each other, it will work OK if they have the correct gateway configured.
What happens if a host wants to send packets to the router? It will send to the default gateway, which is the core switch. The core sends it to the router.
When the router wants to send packets to the host, the router thinks that the host is directly connected and will try to ARP for the IP address, and that will only work if the switch supports proxy ARP. If it doesn't support proxy ARP it will not work.
/Mikael
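The asymmetry described in the replies above, worked through with the addresses from the posted configs (an added example, not part of any post in the thread). It assumes the router's Gi0/0 sits in VLAN 10 on the core, and the host 192.168.1.70 is a constructed DHCP client from the vlan-20 pool.

```python
import ipaddress

# Addresses from the configs posted in the thread.
ROUTER = ipaddress.ip_interface("192.168.1.1/24")        # Router Gi0/0
CORE_SVIS = {
    10: ipaddress.ip_interface("192.168.1.3/26"),
    20: ipaddress.ip_interface("192.168.1.65/26"),
    30: ipaddress.ip_interface("192.168.1.129/26"),
    40: ipaddress.ip_interface("192.168.1.193/26"),
}
# Constructed sample host (assumption): a client in the vlan-20 DHCP pool.
HOST = ipaddress.ip_interface("192.168.1.70/26")
HOST_GW = ipaddress.ip_address("192.168.1.65")

def next_hop(src_if, dst_ip, gateway=None):
    """On-link test a sender performs with its own mask before transmitting."""
    dst_ip = ipaddress.ip_address(dst_ip)
    if dst_ip in src_if.network:
        return ("arp", dst_ip)            # sender ARPs for the destination itself
    if gateway is not None:
        return ("gateway", gateway)       # sender hands the packet to its gateway
    return ("drop", None)                 # no connected match and no route

def vlan_of(ip):
    """VLAN whose /26 (per the core SVIs) contains ip, or None."""
    ip = ipaddress.ip_address(ip)
    for vlan, svi in CORE_SVIS.items():
        if ip in svi.network:
            return vlan
    return None

def return_path(dst_ip):
    """How the router, with its /24, would try to reach dst_ip."""
    action, _ = next_hop(ROUTER, dst_ip)
    if action != "arp":
        return "needs-route"
    # The router's ARP broadcast stays inside its own VLAN (assumed VLAN 10).
    if vlan_of(dst_ip) == vlan_of(ROUTER.ip):
        return "direct-arp"
    return "proxy-arp-required"

if __name__ == "__main__":
    print("host -> router :", next_hop(HOST, ROUTER.ip, HOST_GW))
    print("router -> host :", next_hop(ROUTER, HOST.ip), return_path(HOST.ip))
    for vlan, svi in CORE_SVIS.items():
        print(f"router -> VLAN {vlan} SVI {svi.ip}:", return_path(svi.ip))
```

Any result of `proxy-arp-required` marks a return path that only works while the core answers ARP on behalf of hosts in other VLANs.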