Subnet Masks - Help Required
donniall
01-20-2008, 05:16 PM
Hi,
I have a question relating to Subnet Masks (Extended Prefix/VLSM/CIDR) that I am hoping someone can answer ...
Is it correct to say that with the application of appropriate masks, an identical IP address can exist on a given network, provided they are on different subnets .... For example 10.68.0.0/15 and 10.0.0.0/11 both support a base network of 10.0.0.0 with IP address ranges 10.0.0.1 to 10.31.255.254?
Am I missing something fundamental here :(
Don-
Different subnet mask means they are on different networks.
/15 means the first 15 bits are dedicated to the network and remainder to hosts.
/11 means the first 11 bits are dedicated to the network and remainder to hosts.
As long as all of the layer 3 devices are set up for VLSM then they will know to look at the subnet mask, and calculate that each is destined for a different network.
So while it is true that it is possible to have two or more matching addresses, the subnet mask will determine that they are not on the same network.
Paul Komski
01-20-2008, 06:22 PM
It's not necessarily the easiest concept to fully comprehend but the CIDR-style prefix notation (e.g., /24) is functionally equivalent to a subnet mask (http://en.wikipedia.org/wiki/Subnetwork), and generally easier to understand.
donniall
01-20-2008, 07:15 PM
Gents,
Thank you for the fast response .... This area is new to me I'm afraid! So, taking this concept a step further does VLSM/CIDR imply that the availability of IPv4 address space is in fact much more abundant than an initial calculation would have you believe ....? For example if I am a global corporation managing a network across multiple regions, and sharing 10.x.x.x address space across this network, then with an effective subnetting strategy I may have identical addresses 'appearing' on the network - but as long as they are associated with different, unique subnets this will not cause any issues/conflicts .....?
Don-
Paul Komski
01-20-2008, 10:24 PM
Not quite sure where you are coming from but if you have a private LAN utilising 10.x.x.x (10/8) address space then you can have up to 16,777,216 unique IP addresses on it. Private LAN addresses (and other reserved addresses such as loopbacks) are usually ignored by internet routers so are not involved in the availability of Global IPv4 address space. The use of NAT (http://en.wikipedia.org/wiki/Network_address_translation) is one of the main things that has extended the life of the Global IPv4 address space.
I think I've got this right but since I have myself been slow to grasp all the subtleties of networking, others will no doubt point this out if I have been misleading.
Yes, there is an important distinction to be made between public and private IP space. You can subnet your private network however works for you, but generally the best practice would be tighter subnet masking so you have more networks and fewer hosts per network. This way you have more manageable nodes, and less traffic overall as broadcasts are made to smaller segments and kept there.
When dealing with public IP space then it gets more complicated. You can't just decide you want to subnet your public IP in some way and do it. In most situations a public IP is given to you by an ISP, and this is already a subnet of the ISP network. You are forced to use the subnet mask given to you that is associated with your allocated IP space. NAT makes it possible to better use these limited addresses. Most cases don't require that you have multiple public IPs available just to have multiple hosts on the internet. NAT allows for multiple hosts to share the same IP, and then doing port forwarding allows you to direct traffic to multiple internal servers using the same public IP. So you can have a mail server, web server, and FTP server all on the same public IP but different physical servers internally by directing the traffic based on TCP port. This is what is really allowing for the extended use of IPv4.
VLSM doesn't allow for the same IP to be used on different networks thus preserving IPs. Remember that this is only of concern in the public domain, and that all public IP space is owned by someone and controlled. There wouldn't be the possibility of company A using a /8 and company B using a /12 on the same IP space. The range of IP addresses is registered to one owner, and they subnet as they see fit and then use a protocol (such as BGP) to advertise the route to the network. VLSM allows for IP conservation to some extent by allowing IPs to be assigned in tighter groups (i.e., if setting up a point to point connection you can use a /30 and not waste any IPs).
Ghost_Hacker
01-24-2008, 12:00 AM
Hi,
I have a question relating to Subnet Masks (Extended Prefix/VLSM/CIDR) that I am hoping someone can answer ...
Is it correct to say that with the application of appropriate masks, an identical IP address can exist on a given network, provided they are on different subnets .... For example 10.68.0.0/15 and 10.0.0.0/11 both support a base network of 10.0.0.0 with IP address ranges 10.0.0.1 to 10.31.255.254?
Am I missing something fundamental here :(
Don-
Yeap, you are forgetting that a computer will check that no other host has its IP address on its network (its broadcast domain) when it boots up by sending out a broadcast packet (Gratuitous ARP packet) (http://wiki.ethereal.com/Gratuitous_ARP) asking if anyone has its IP. If another box answers that it does have that same IP then IP is disabled for the second host.
It is not possible for 2 hosts to have the same IP on the same network (broadcast domain) no matter what the subnet used.
By the same token no one would configure a router to have two interfaces with the same subnet but with different subnet masks (if it could even be done, which I am pretty sure it can't be). Even if you could, why would you? How would the router route traffic if a packet's destination IP could be "mapped" to two interfaces (outside of multicasting or some oddball trunking setup)?
EDIT: In the case of two computers (A and B with the same IP, but on different subnets), how would computer C send information to B if it was on A's network? It would always look at its own subnet mask, compare that to the destination IP of B, then say to itself "it's on my network" and promptly send B's data to A. The data would never be sent to the default gateway because C would always think B was on its own network.
Anyways, hope this helps :)
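An added example, not part of the original thread: Python's standard ipaddress module applied to the two prefixes from the question, to the sender-side "is it on my network?" check described in the EDIT above, and to the longest-prefix choice a VLSM-aware router makes. Host C's address, the destination addresses and the route table are constructed for illustration.

```python
import ipaddress

# The two prefixes from the original question.
NET_15 = ipaddress.ip_network("10.68.0.0/15")
NET_11 = ipaddress.ip_network("10.0.0.0/11")

def host_range(net):
    """First and last usable host address of an IPv4 network."""
    return str(net.network_address + 1), str(net.broadcast_address - 1)

def is_on_link(sender_iface, dst):
    """Sender's decision: apply the sender's OWN mask to the destination.
    True  -> ARP for dst directly on the local broadcast domain.
    False -> hand the packet to the default gateway."""
    iface = ipaddress.ip_interface(sender_iface)
    return ipaddress.ip_address(dst) in iface.network

def longest_prefix_match(routes, dst):
    """Router's decision: among routes containing dst, the most specific
    (longest) prefix wins. Returns the next-hop label, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None

# Constructed route table; next-hop labels are placeholders.
ROUTES = [
    ("0.0.0.0/0", "default"),
    ("10.0.0.0/8", "core"),
    ("10.0.0.0/11", "site-a"),
    ("10.68.0.0/15", "site-b"),
]

if __name__ == "__main__":
    print("/11 hosts:", host_range(NET_11))
    print("/15 hosts:", host_range(NET_15))
    print("prefixes overlap:", NET_11.overlaps(NET_15))
    # Constructed host C at 10.0.0.5/11: a destination inside its own prefix
    # is ARPed for locally and never reaches the gateway.
    print("C -> 10.0.0.10 on-link:", is_on_link("10.0.0.5/11", "10.0.0.10"))
    print("C -> 10.68.0.10 on-link:", is_on_link("10.0.0.5/11", "10.68.0.10"))
    # Same address pair, different sender mask, different decision.
    print("/11 sender:", is_on_link("10.20.0.5/11", "10.30.0.1"))
    print("/15 sender:", is_on_link("10.20.0.5/15", "10.30.0.1"))
    for dst in ("10.68.1.1", "10.5.5.5", "10.200.0.1", "192.0.2.1"):
        print(dst, "->", longest_prefix_match(ROUTES, dst))
```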