01-21-2012 07:38 AM - edited 03-07-2019 04:28 AM
I have a question about ARP.
assuming two PCs
[PC1]
IP:1.1.1.1
netmask :255.255.255.0
gateway:1.1.1.1
[PC2]
IP:2.2.2.2
netmask:255.255.255.0
gateway:2.2.2.2
why can these two PCs ping each other successfully? I thought they are on different network .
much appreciated.
01-21-2012 08:37 AM
You can not use one IP for both the PC and its gateway. The PC needs its own IP and the gateway (router or switch also need its own IP) but same subnet see below:
[PC1]
IP:1.1.1.2
netmask :255.255.255.0
gateway:1.1.1.1
[PC2]
IP:2.2.2.2
netmask:255.255.255.0
gateway:2.2.2.1
test again using this config
I
HTH
01-21-2012 01:50 PM
While I agree that your SHOULD not make the gateway address the same as the host address I do not agree that you CAN not.
Part of the behavior when the gateway address is the same as the host address is that the host will ARP for every destination. And if both hosts are in the same broadcast domain then their ARPs will find each other and they will be able to communicate with each other with no problem. If you think about it, if PC A sends ARP for PC B, and if PC B receives the ARP and responds to it, then why would the PCs not communicate with each other?
I would suggest to the original poster that we need to consider how this works at both layer 3 and at layer 2. From a layer 3 perspective it suggests that the PCs should be in different networks. But it appears that from a layer 2 perspective that they are in the same broadcast domain/same network. When there is a discrepancy between the layer 2 operation and the layer 3 operation then unexpected results may happen.
HTH
Rick
01-21-2012 06:09 PM
hi rick, thanks for your answer.
correct me if i am wrong here. when a host cannot find its destination address in its ARP table, it sends out ARP requests to the brocast domain ( MAC: FFFF.F...) , the destination will response to the ARP request and send reply.
so in this case both 1.1.1.1 and 2.2.2.2 happen to be in the same broadcast domain (assuming there is no router in between) so they can communicate with each other?
sorry i am a newbie here.
01-21-2012 06:19 PM
I would argue they are not in the same broadcast domain. A broadcast consist of host in the sane subnet, same vlan.
IP:1.1.1.2
netmask :255.255.255.0
Broadcast domain 1.1.1.1-1.1.1.254
01-22-2012 07:12 AM
Dannan,
>>so in this case both 1.1.1.1 and 2.2.2.2 happen to be in the same broadcast domain (assuming there is no router in between) so they can communicate with each other?
What broadcast domain is 1.1.1.1 in?
What broadcast domain is 2.2.2.2 in? Again, I think they are in seperate broadcast domains.
I mis read your quesiton earlier, I thought you meant that can not communicate with each other, but looks like you said they can w/o a router/MLS in between. What is in between?
01-22-2012 01:56 PM
Dannan
first let me respond to this:
"correct me if i am wrong here. when a host cannot find its destination address in its ARP table, it sends out ARP requests to the brocast domain ( MAC: FFFF.F...) , the destination will response to the ARP request and send reply."
I think your understanding here is not quite right - or at least is a bit too broad.
I would first say that the behavior depends on how the particular IP stack is written and the behavior may vary depending on the platform (and VM is a platform where I do not have much expertise). But in general, especially for Windows platforms, it depends on what the PC believes is local and on what it has for its default gateway. In general a PC will ARP for addresses that it believes are local and will just forward to its default gateway (not ARP) for addresses that it believes are remote. So I believe that it is significant in your experiment that the PC is treating itself as its own gateway (and as Reza points out this is usually not a good thing to do).
So to be clear - the normal behavior is to ARP for addresses that the host believes are local and to just forward to the default gateway for addresses that it believes are remote.
The response from Jimmy reflects a very common attitude - that being in the same subnet is the same as being in the same VLAN, and that being in different subnets means that they are in different VLANs. I would agree that this is how things should be in an ideal situation. But I have seen many situations where people set up networks that do not follow this principle So I have learned to be careful and to ask whether the layer 3 assumptions really do match up with the later 2 reality.
And the response from jyoung points out the importance of understanding exactly what VM is doing in a situation like what you set up. Does it put both hosts into the same VLAN? Does it implement proxy arp? Does it supply layer 3 forwarding between its own instances? I do not know the correct answers to these questions and hope that someone with more VM knowledge can enlighten us.
HTH
Rick
01-21-2012 06:07 PM
How are the pc's connected? If there is a switch with an interface on both subnets, then this could be the result of proxy-arp's.
Sent from Cisco Technical Support iPhone App
01-21-2012 07:52 PM
I did this experiment based on the vmware. i try to understand how two PCs from defferent networks are connected without a router.
01-21-2012 08:06 PM
I'm pretty sure virtualization apps like VMware use proxy-arp on the local interface, that would explain your situation. This would not work in a non virtual environment (assuming you did not have a l3 device on both subnets performing proxy-arp.
Sent from Cisco Technical Support iPhone App
01-22-2012 03:17 PM
It doesn't matter if the the pcs are on different VLANs or not. The pc will arp for an address in the subnet it is on, period. Only other clients in that subnet will hear the arp. If the gateway is configured, it will send the frames to the gateway. If there is no gateway (or its own ip is the gateway) it will arp for a remote addresses.
Enter proxy arp. A proxy arp device (in this case VMware virtual switch) will send a response to the arp for networks it knows.
Sent from Cisco Technical Support iPhone App
01-22-2012 07:47 PM
Hi Dannan,
I think that your unusual situation has more to do with the host OS, how it is configured to deal with virtual machines than with VM machines themselfs. If your host OS has routing enabled it may be able to route between your VMs.
Eugen
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide