Wednesday, May 16, 2018

A question of subnet mask....

I had a question asked of me today that I thought I knew the answer to, but, after thinking about it I wanted to get the thoughts of this sub...

So, Let's assume we have two devices.

Device "A" has an IP address of 10.192.193.40 with a mask of 255.255.0.0

Device "B" has an IP address of 10.192.192.40 with a mask of 255.255.255.0

I have an IPsec VPN setup between two sites that routes the full /24 of 10.192.192 to 10.192.193, and the full /24 of 10.192.193 to 10.192.192

My answer would normally be that in this case the IPsec rules are explicit, and only allow /24 traffic across - but the point was made that masking shouldn't matter here, and I was asked why the device "A" couldn't talk to device "B"

As I understand it, Device "A" should be able to talk to anything from 10.192.0.1 to 10.192.255.254, and as I understand it Device "B" should be able to talk to anything from 10.192.192.0 to 10.192.192.254

So - why couldn't Device A talk to Device B?



No comments:

Post a Comment