subnetting ignorance

[bwanaaa]

I have this config:
Router 1 WAN port connected to internet
LAN Gateway 192.168.1.1
NAS 192.168.1.2
255.255.255.0
DMZ 192.168.1.10

Router 2 WAN port plugged into LAN port of router 1
WAN Ip 192.168.1.10
LAN Gateway 192.168.3.1
subnet mask 255.255.255.0


PC plugged into LAN port of Router 2
IP 192.168.3.20
Subnet mask 255.255.255.0

In this config, the pc can navigate to 192.168.3.1 (the inner router)
and 192.168.1.1 (the outer router)

but if I change the subnet mask to 255.255.0.0 on the pc, it can no longer see the outer router although it can still see the inner router and all other clients on the lan.
I thought that making the subnet mask of the pc 255.255.0.0 was a 'superset' of 255.255.255.0. It allows for more ip addresses and should be 'less restrictive'.

So why can't the pc go to 192.168.1.1 when its mask is 255.255.0.0?

 

[imagoon]

I have this config:
Router 1 WAN port connected to internet
LAN Gateway 192.168.1.1
NAS 192.168.1.2
255.255.255.0
DMZ 192.168.1.10

Router 2 WAN port plugged into LAN port of router 1
WAN Ip 192.168.1.10
LAN Gateway 192.168.3.1
subnet mask 255.255.255.0


PC plugged into LAN port of Router 2
IP 192.168.3.20
Subnet mask 255.255.255.0

In this config, the pc can navigate to 192.168.3.1 (the inner router)
and 192.168.1.1 (the outer router)

but if I change the subnet mask to 255.255.0.0 on the pc, it can no longer see the outer router although it can still see the inner router and all other clients on the lan.
I thought that making the subnet mask of the pc 255.255.0.0 was a 'superset' of 255.255.255.0. It allows for more ip addresses and should be 'less restrictive'.

So why can't the pc go to 192.168.1.1 when its mask is 255.255.0.0?

Because now as far as the PC is concerned there is no reason to send anything to the default gateway since 192.168.1.1 is network local.

Your network settings don't match the actual network design and thus won't work. You need to remove the router.

In order to understand supernetting and subnetting, I would also suggest reading up on the decision making process in the TCP/IP protocol suite. Once you understand that, why it doesn't work would make sense.

 

[Ketchup]

Because now as far as the PC is concerned there is no reason to send anything to the default gateway since 192.168.1.1 is network local.

Your network settings don't match the actual network design and thus won't work. You need to remove the router.

In order to understand supernetting and subnetting, I would also suggest reading up on the decision making process in the TCP/IP protocol suite. Once you understand that, why it doesn't work would make sense.

What he said.

 

[bwanaaa]

with subnet on pc 255.255.0.0, the pc can go to the internet but nothing locally. but with that logic you used, a subnet of 255.255.255.0 on the pc would make it think that anything 192.168.3.x is local and therefore would send no traffic to anything on the lan. This article
https://bryce.fisher-fleig.org/blog/the-missing-guide-to-subnet-masks/
explains it well. Subnet masks are used to specify a range of ip addresses. To define the size of the internal network. Typically this mask tells the router what's in its lan and what is outside its lan (on the wan) . But I do not understand what the function of a mask on a pc is. I would think it is useless because there is nothing 'downstream' of the pc. yet if the subnet mask specifies a network larger than what its gateway specifies, then the pc can not talk to anyone on the network. i wonder why the pc network adapter needs a subnet mask?

 

[mv2devnull]

if the subnet mask specifies a network larger than what its gateway specifies, then the pc can not talk to anyone on the network. i wonder why the pc network adapter needs a subnet mask?

Every machine does "routing decisions". Your PC has a routing table that has at least three entries:

1. localhost; one program in your PC can communicate with another program in your PC

2. 192.168.3/24; local LAN. If destination is in this range, simply broadcast it out from adapter

3. default via 192.168.3.1; if destination is none of the explicit rules, then send it to Router 2 (due to rule 2).


Your Router 2 has one more rule:

1. localhost

2. 192.168.3/24; local LAN 2. If destination is in this range, simply broadcast it out from adapter 2

3. 192.168.1/24; local LAN 1. If destination is in this range, simply broadcast it out from adapter 1

4. default via 192.168.1.1; if destination is none of the explicit rules, then send it to Router 1 (due to rule 3).


When your PC sends a packet to Google, it actually forwards it to Router 2 due to the default rule; the Router 2 forwards it
to Router 1 (due to Router 2's default rule); the Router 1 forwards it to the ISP's router; and so forth until the packet reaches a router that has Google in its LAN.


If you change the PC's mask to 255.255.0.0, then the PC's routes change:

1. localhost
2. 192.168/16; local LAN. If destination is in this range, simply broadcast it out from adapter
3. default via 192.168.3.1; if destination is none of the explicit rules, then send it to Router 2 (due to rule 2).

The problem is that only machines in 192.168.3/24 are physically in the LAN. The Router 2 will not pick up and forward broadcast traffic that has destination address 192.168.1.1 because that is not destined to Router 2.

 

[Fardringle]

The subnet mask tells the computer which IP address ranges are local and do not need to be routed, and which addresses need to be sent somewhere else.

Think of it like a telephone area code. If you dial a number using your local area code, then the phone system knows to keep the call local. But if you dial with (for example) area code 305 and you are not already inside the Miami, Florida area, then your local phone system knows that it needs to send the call somewhere else and it will forward the call either directly to area 305 if it has a direct link, or to another phone system in between that has a link to 305, and that continues until it gets to the proper destination. Now if your local phone company messed with their settings to the point where more than the local area code is considered to be local (changing the subnet mask) then what happens to calls that are supposed to go somewhere else but the system doesn't know that? They get lost because they don't have a valid destination any more. The same thing happens to TCP/IP packets when the subnet mask is set incorrectly.

 

[kevnich2]

The subnet mask tells the IP protocol which network subnet it's a part of and what devices the host can communicate directly with, without involving the default gateway. The default gateway is used when the computer is trying to communicate with another host/device that's NOT in the local subnet. Hence, the subnet mask.

192.168.3.0 with a subnet of 255.255.0.0 tells the computer that it can communicate with any devices in the 192.168.x.x range directly without involving the default gateway.

 

[bwanaaa]

thank you but I am still a little fuzzy (no, i have not consumed any alcohol or other mind altering substances)

the pc is connected to the lan with an ethernet cable. When it wants to talk to another pc it sends out a tcp packet with the destination address. It cannot decide 'where' to send the packet to. The packet goes to the switch in the router or if there is a switch before the router it goes there. The switch has a map of ip addresses and mac addresses. There is no 'subnet' decision going on there. if the ip address is not in the table, the packet goes to the router, no?

Subnet masks are used to define network sizes and it seems that only routers can do that.
My understanding of the subnet mask is that it is XORed with the destination ip and that result is 'ANDed with the source ip address. And that is done in the router. I still do not know exactly how the subnet mask in the pc is used when a tcp packet is transmitted. Or is it used somehow when a switch sends it a packet?

 

[kevnich2]

I suggest you pick up a netowk+ book or similar. Your understanding of how this works is.....wrong.

 

[kevnich2]

A layer 2 switch doesn't do anything with IP addresses. Layer 2 doesn't care about IP's. It's strictly switches frames based on mac addresses which each computer and switch keeps a list of hosts/nodes on the same broadcast domain through ARP.

If the device is outside it's local subnet, the pc/node/host then sends the frame to it's default gateway, which takes the frame and puts it in a packet from there and sends it up the chain based on it's own routing table.

 

[imagoon]

the pc is connected to the lan with an ethernet cable. When it wants to talk to another pc it sends out a tcp packet with the destination address. It cannot decide 'where' to send the packet to.

Very much no. The computer makes packet local destination decisions based on the IP and subnet pair (and the local routing table, if configured.) The gateway (otherwise known as the gateway of last resort) is where the packet is sent when the computer has no information on where to send it.

The packet goes to the switch in the router or if there is a switch before the router it goes there. The switch has a map of ip addresses and mac addresses. There is no 'subnet' decision going on there. if the ip address is not in the table, the packet goes to the router, no?

The switch plays no part in this process. (Ignoring L3 switching which is just a router in a switch)

Subnet masks are used to define network sizes

Correct.

and it seems that only routers can do that.

Wrong. Every device needs to be aware of the network "size." This is what the subnet mask is for.

My understanding of the subnet mask is that it is XORed with the destination ip and that result is 'ANDed with the source ip address. And that is done in the router.

No. The decision making process for "local" or "send it to the gateway" occurs at the transmitter. A router is not required in TCP/IP but the devices still need to have a valid IP and subnetwork mask or they will be unable to communicate correctly.

I still do not know exactly how the subnet mask in the pc is used when a tcp packet is transmitted. Or is it used somehow when a switch sends it a packet?

I recommend you read a book about the Cisco ICND1. It is an elementary networking book that would explain this in great detail.

 

[Gryz]

The way I would explain it:

An IP address is a like a normal address. It describes where something is. Not what or who it is. A postal address consists of a zip-code (or postal-code, as it is called in some countries) and a street-number.

An IP address is like that. It consists of the network-part (which is like the zip-code). And the host-part (which is like the street-number).

When you want to send a letter, you look at the zip-code and the street-number. First you look at the zip-code. Is the destination's zip-code the same as my zip-code ? If yes, then the destination is in my street ! I don't need to give it to the post office. I can deliver it myself ! If the zip-codes are the same, you walk over to the house of the destination, and deliver the letter yourself. If the zip-codes do not match, you walk over to the post office, and hand over the letter to them. The post office will take care of delivery for you.

In this story, the post office is the "default gateway". This requires that there is a post office in every street. If there is no post office in your street, you can still deliver letters to others houses in your street. But you can't deliver letters to house that are in different streets or cities.

How do you know if the zip-code of the destination is exactly the same as your own zip-code ? With real life address that is simple. Zip-code are the numbers before the space, and street-numbers are the numbers behind the space. Or something like that (depending on country).

With IP addresses it's a bit more complicated. The address is always 32 bits. (In IPv4 at least). The first bits are the network-address, and the last bits are the host-part. How many bits in each ? That depends. It depends on the network mask.

Suppose you have a network mask of 255.0.0.0.
Write this in binary and you'll see: 11111111000000000000000000000000.
That is 8 ones and 24 zeros.
In modern notation you'll write: /8
This means the first 8 bits is the network part (aka the zip-code) and the last 24 bits are the host-part (the street-number).

Suppose you have a network mask of 255.255.252.0
Write this in binary and you'll see: 11111111111111111111110000000000.
That is 22 ones and 10 zeros. Or /22.
22 Bits network part (zip-code) and 10 bits host-part (street-number).

Example:
We have ip-address 192.31.231.16 and network mask 255.255.255.0.
We are going to send a packet to 192.31.231.42.
Can we deliver it outselves, or do we need to send it via the default gateway ?
First we calculate the network-address of the network we are on ourselves.
That means we do a logical bit-wise and: 192.31.231.16 AND 255.255.255.0.
The result is: 192.31.231.0. That is the network-address of our own network.
Secondly we calculate the network-address of the destination address.
Same thing, we do a logical and: 192.31.231.42 AND 255.255.255.0.
The result: 192.31.231.0. That is the network-addres of the destination.

Now we compare those 2: is 192.31.231.0 equal to 192.31.231.0 ?
Yes.
That means the destination is on our own network.
And we can do local delivery.

Suppose we want to send to 10.70.80.212.
Again, we compute our own network-address. It still is 192.31.231.0.
Next we compute the network-address of the destination.
We do a logical and: 10.70.80.212 AND 255.255.255.0.
Result: 10.70.80.0.
Compare: is 192.31.231.0 equal to 10.70.80.0 ?
Nope.
That means the destination is not on our local network.
That means we need to send the packet to our default gateway.
E.g. the default gateway is 192.31.231.1.
We do an arp-request for 192.31.231.1. The default gateway answers, with its mac-address. We encapsulate the packet for 10.70.80.212 with an ethernet-frame with the mac-address of the default-gateway. And we send it to the default-gateway.

For routers it is a little different. But still, they use the network-mask in kinda the same way to determine if something is directly attached or remote.

 

[bwanaaa]

thank you all for your patience. and goodwill. It is ironic that such ancient qualities have resurfaced in the internet after having been largely erased from our societies by capitalism. I appreciate the references to network books. After looking at a few, they all seem to be a little too abstract for me.
But the nut of my misunderstanding lies here:
@ mv2devnull

2. 192.168/16; local LAN. If destination is in this range, simply broadcast it out from adapter
3. default via 192.168.3.1; if destination is none of the explicit rules, then send it to Router 2

and here

If the device is outside it's local subnet, the pc/node/host then sends the frame to it's default gateway, which takes the frame and puts it in a packet from there and sends it up the chain based on it's own routing table.

Basically, I do not know HOW a pc determines where to send its data to. The ethernet network is like a bus-it goes everywhere. Putting a packet out through the ethernet jack of a pc is a generic event-therefore the packet itself has to determine who responds to it. A packet that is destined to picked up by a local device (switch or other pc on the lan) has to look different than a packet that is going to be picked up by a router.

Two references (which I hope are correct)) that I enjoyed reading are:

http://www.sysnative.com/forums/net...es-routing-switching-work-life-of-packet.html

and

http://newartisans.com/2007/10/life-and-times-of-a-tcp-packet/

When an application on a pc wants to send data, it encapsulates it into a packet. The subnet mask information is not included in the packet. Does the subnet mask determine how a packet is encapsulated?

For example if the pc wanted to send a packet on the local net, it would use an ethernet frame http://en.wikipedia.org/wiki/Ethernet_frame and if it wanted outside the network it would use a tcp packet http://en.wikipedia.org/wiki/Transmission_Control_Protocol#TCP_segment_structure ?

 

[Gryz]

Basically, I do not know HOW a pc determines where to send its data to. The ethernet network is like a bus-it goes everywhere. Putting a packet out through the ethernet jack of a pc is a generic event-therefore the packet itself has to determine who responds to it. A packet that is destined to picked up by a local device (switch or other pc on the lan) has to look different than a packet that is going to be picked up by a router.

You need to look at it from a layered perspective.

Layer-1. Ethernet is physically a broadcast medium. A sender puts bits on the wire. Those bits (signals) go everywhere. All machines connected to the wire(s) will see those bits.


Layer-2. The bits are organized in a frame. A frame has a start. Then it has an Ethernet-header. Then follow the bits that form the payload (the data). Inside the Ethernet-header are the Destination MAC Address and the Source MAC Address. Every machine has a unique MAC Address. When it sees frames (bits) coming in via Ethernet, it just looks at the Destination MAC Address. If the Destination MAC Address is equal to its own MAC Address, it knows that the frame is for him.

Modern Ethernet-cards will do that for you. They will determine which frames are for itself. And which frames can be ignored. Only the frames destined to itself will be "send to" the CPU. This is a performance improvement.

There is also broadcasting on Layer-2. As we've seen, all frames go to all machines anyway. But all-but-one machine will ignore each frame. However, if you want to send a frame to all machines, then you send a so-called "broadcast-frame". You do this by setting the Destination MAC Address to FFFF:FFFF:FFFF (all ones). Now every Ethernet card on every machine will pick up the frame, and give it to its CPU.

Note that sometimes a machine wants to see all frames that go over the network. That can be done. E.g. if you want to sniff all packets, for troubleshooting purposes. Or maybe to eaves-drop. The software can request the Ethernet card to not only give it frames with Destination Ethernet Address set to its own address, but to give it all frames, regardless of Destination MAC Address.


Layer-3. Then there is also Layer-3 broadcasting. Inside the Ethernet frame, there is an IP packet. The IP Packet has a header. With a Destination IP address and a Source IP address. Even if the Ethernet card gives the frame to the CPU, the software running on the CPU will look at the Destination IP Address. If the destination is not its own ip-address it will ignore the packet. IP also has broadcasts. The IP broadcast address is 255.255.255.255 (all ones).

To recap:
We have broadcasts on 3 levels.
1) The physical layer. Layer-1. All ethernet frames are broadcasted always.
2) The MAC layer. Layer-2. Broadcast frames will have FFFF:FFFF:FFFF as destination MAC address.
3) The IP layer. Layer-3. Broadcast packets will have 255.255.255.255 as the destination IP address.

Hope this clears it up.
There's nothing magical about all this.

 

[Gryz]

When an application on a pc wants to send data, it encapsulates it into a packet. The subnet mask information is not included in the packet. Does the subnet mask determine how a packet is encapsulated?

No.

When discussing things, people should use proper terminogoly.
In reality, it's all a string of bits. But on different layers, they have different names.

On layer-2, we talk about a "frame".
On layer-3, we talk about a "packet".
On layer-4, we talk about datagrams when we deal with UDP (connectionless), and we walk about segments when we deal with TCP.

For example if the pc wanted to send a packet on the local net, it would use an ethernet frame http://en.wikipedia.org/wiki/Ethernet_frame and if it wanted outside the network it would use a tcp packet http://en.wikipedia.org/wiki/Transmission_Control_Protocol#TCP_segment_structure ?

No.
At the program-level, the program sends data into a "socket". Either a TCP socket (reliable, sequenced, connection oriented) or a UDP socket (unreliable, one-at-a-time, connectionless). The TCP driver or UDP driver in the kernel takes over. It encapsulates all the data given by the user program inside a TCP header or a UDP header. It then hands over the TCP segment or UDP datagram to the IP-driver in the kernel. The IP-driver will encapsulate the segment or datagram into an IP packet. It does this by adding an IP header in front. Always. It then does a lookup in the routing table to see where the IP-packet needs to be send. Either directly to the destination, or to the default gateway. In the ARP table, it finds the MAC address. Then the IP-driver hands over the packet to the Ethernet-driver. The Ethernet driver adds an Ethernet header to the IP-packet. In that Ethernet header it puts its own MAC address as Source MAC address. And then puts the MAC address it just has been given with the packet as the Destination MAC address. The Ethernet driver then puts the bits out on the wire.

This is how it always works. User data is inside a TCP segment or UDP datagram. That is encapsulated in an IP header. And the IP packet is encapsulated inside an Ethernet frame.


Sometimes I wonder that the more I explain, and the longer the text, the higher the probability that people will skip what I wrote.

 

[bwanaaa]

@Gryz

Your words are clear. And I read them several times. But I did not see you address (no pun intended) how the subnet mask on the pc plays a role in the construction of packets sent out the ethernet jack. When I eaves drop on a connection with wireshark, I see ip addresses, mac addresses, data. etc but I do not see subnet mask info. Therefore, the subnet mask has to affect how the packet is constructed somehow. I understand how a router uses a subnet mask- it decides whether to send a packet out the wan port or the lan port. I can imagine how a pc could use a subnet mask to route its own traffic-either keep in the pc or send it out the ethernet jack. But how does the subnet mask change the data sent out the ethernet jack? It must somehow, because changing the subnet mask on the pc can disrupt network communications of the pc. for example, setting the subnet mask on the pc (with an ip of 192.168.3.10) to 255.255.0.0 results in no packets going to the local lan defined by 255.255.255.0 on the gateway(with an ip of 192.168.3.1).

 

[kevnich2]

No.

When discussing things, people should use proper terminogoly.
In reality, it's all a string of bits. But on different layers, they have different names.

On layer-2, we talk about a "frame".
On layer-3, we talk about a "packet".
On layer-4, we talk about datagrams when we deal with UDP (connectionless), and we walk about segments when we deal with TCP.


No.
At the program-level, the program sends data into a "socket". Either a TCP socket (reliable, sequenced, connection oriented) or a UDP socket (unreliable, one-at-a-time, connectionless). The TCP driver or UDP driver in the kernel takes over. It encapsulates all the data given by the user program inside a TCP header or a UDP header. It then hands over the TCP segment or UDP datagram to the IP-driver in the kernel. The IP-driver will encapsulate the segment or datagram into an IP packet. It does this by adding an IP header in front. Always. It then does a lookup in the routing table to see where the IP-packet needs to be send. Either directly to the destination, or to the default gateway. In the ARP table, it finds the MAC address. Then the IP-driver hands over the packet to the Ethernet-driver. The Ethernet driver adds an Ethernet header to the IP-packet. In that Ethernet header it puts its own MAC address as Source MAC address. And then puts the MAC address it just has been given with the packet as the Destination MAC address. The Ethernet driver then puts the bits out on the wire.

This is how it always works. User data is inside a TCP segment or UDP datagram. That is encapsulated in an IP header. And the IP packet is encapsulated inside an Ethernet frame.


Sometimes I wonder that the more I explain, and the longer the text, the higher the probability that people will skip what I wrote.

This is actually a very good explanation from the top layers all the way down with how the data goes from the source program to the destination. In essence, everything is handed off from layer to layer. Layer 7 doesn't know or care what Layer does, everything goes down the layers and each protocol at each layer has it's own job to do with it. This is a BIG reason why when troubleshooting issues, it's best to troubleshoot from Layer 1 UP

 

[Fardringle]

@Gryz

But I did not see you address (no pun intended) how the subnet mask on the pc plays a role in the construction of packets sent out the ethernet jack. When I eaves drop on a connection with wireshark, I see ip addresses, mac addresses, data. etc but I do not see subnet mask info. Therefore, the subnet mask has to affect how the packet is constructed somehow.

The subnet mask is not included in the packet data because it doesn't need to be. The packet header contains the destination IP (or MAC) address and then the subnet mask that is configured on the computer or router tells the computer or router whether that destination address is local or not. If it is local, then it stays on the local broadcast network. If not, then it is sent to the default gateway, which then passes it along to the next step on the path to get to the destination.

The problem with having the wrong subnet mask configured as in your original post, is that if the computer has the wrong mask info and therefore THINKS that a destination address is local when it really isn't, then it won't send those packets to the default gateway and so they won't get forwarded on to the proper location. Or if the mask is set so that the computer thinks a local address is actually somewhere remote then it will send those packets to the default gateway which then has nowhere to forward it to since it's not actually a remote destination (some routers will keep these packets local since they are smart enough to recognize the proper destination, but not always).

 

[imagoon]

@Gryz

Your words are clear. And I read them several times. But I did not see you address (no pun intended) how the subnet mask on the pc plays a role in the construction of packets sent out the ethernet jack.

It doesn't. At least not directly. The subnet mask will change the destination IP of packet at layer 3. Layer 2 (MAC) and Layer 1 (physical) quite frankly don't care and take no action on it.

When I eaves drop on a connection with wireshark, I see ip addresses, mac addresses, data. etc but I do not see subnet mask info. Therefore, the subnet mask has to affect how the packet is constructed somehow.

You won't. Subnetwork mask is not relevant to anything other than a transmitter. Subnetwork mask is literally this simple for any layer 3 transmitting device: "Is the packet for a local device or do I need send packet to another device that may have more information on where to send it?."

It is a yes / no type question. (For a typical workstation, a routing table can change this)
Is it local (example 192.168.1.2/255.255.255.0)? IP: 192.168.3.4? Answer No. Destination: Router (more specifically gateway of last resort.)

---

Is it local (example 192.168.1.2/255.255.255.0)? IP: 192.168.1.4? Answer Yes. Destination: Local PC.

I understand how a router uses a subnet mask- it decides whether to send a packet out the wan port or the lan port.

A router uses the subnet mask identically to a workstation. It just asks more questions:

Is it local (example 192.168.1.2/255.255.255.0)? IP: 192.168.3.4? Answer No. Destination: Router

Which router?

Router "ABC" says it has access to 192.168.3.0 255.255.255.0. Answer: Send to router "ABC."

---

Is it local (example 192.168.1.2/255.255.255.0)? IP: 192.168.1.4? Answer Yes. Destination: Local PC.

I can imagine how a pc could use a subnet mask to route its own traffic-either keep in the pc or send it out the ethernet jack. But how does the subnet mask change the data sent out the ethernet jack? It must somehow, because changing the subnet mask on the pc can disrupt network communications of the pc.

See above.

for example, setting the subnet mask on the pc (with an ip of 192.168.3.10) to 255.255.0.0 results in no packets going to the local lan defined by 255.255.255.0 on the gateway(with an ip of 192.168.3.1).

Actually it does but in specific ways. Using above:

Is it local (example 192.168.3.10/255.255.0.0)? IP: 192.168.3.4? Answer Yes. Destination: Local PC.

---

Is it local (example 192.168.3.1/255.255.255.0)? IP: 192.168.3.10? Answer Yes. Destination: Local PC.

Communications works With mismatched subnet masks these devices can communicate fine.

Another example:
[assuming workstation, router respectively]
192.168.3.10/255.255.0.0 and 192.168.2.1/255.255.255.0

Is it local (example 192.168.3.10/255.255.0.0)? IP: 192.168.2.1? Answer Yes. Destination: Local PC.

---

Is it local (example 192.168.2.1/255.255.255.0)? IP: 192.168.3.10? Answer No. Destination: Router*.

Communications fails Packets never made it round trip and got lost in transit.

*Since this is the Router, it will check to see if it has knowledge of 192.168.3.0/255.255.255.0 which it likely doesn't so the packet is shipped to the next Internet router which won't know either and eventually get dropped as "no valid destination."

 

[bwanaaa]

I FINALLY GET IT AFTER READING THIS:
http://www.ciscopress.com/articles/article.asp?p=2180208&seqNum=8

basically, the pc decides what kind of etherframe to wrap the packet in after checking the subnet mask.
Under section 'Send a Packet (1.2.1.2)'

PC1 must determine if the destination IPv4 address is on the same network. PC1 determines its own subnet by doing an AND operation on its own IPv4 address and subnet mask. This produces the network address that PC1 belongs to. Next, PC1 does this same AND operation using the packet destination IPv4 address and the PC1 subnet mask.

If the destination network address is the same network as PC1, then PC1 does not use the default gateway. Instead, PC1 refers to its ARP cache for the MAC address of the device with that destination IPv4 address. If the MAC address is not in the cache, then PC1 generates an ARP request to acquire the address to complete the packet and send it to the destination. If the destination network address is on a different network, then PC1 forwards the packet to its default gateway.

To determine the MAC address of the default gateway, PC1 checks its ARP table for the IPv4 address of the default gateway and its associated MAC address.

If an ARP entry does not exist in the ARP table for the default gateway, PC1 sends an ARP request. Router R1 sends back an ARP reply. PC1 can then forward the packet to the MAC address of the default gateway, the Fa0/0 interface of router R1.

An etherframe with the mac address of the 'local target' is used if the subnet mask says that the origin and destination are local. Otherwise an etherframe with the mac address of the gateway is used.

Thus, using a subnet mask that is too broad (255.255.0.0) should result in the pc thinking that all 192.168.x.x addresses are local. And these will require an etherframe on the local net. But if the necessary mac address is not found, the switch will start frame flooding until it gets a reply. Which will never happen since 192.168.1.x addresses are outside the router 2 in my original example in the first post above.

Thank you for your patience, persistence and positive replies. Your encouragement is an example that I will try to remember when I am confronted with someone who is struggling to understand me (if I am ever in the position of being asked a question like this).

 

[Gryz]

An etherframe with the mac address of the 'local target' is used if the subnet mask says that the origin and destination are local. Otherwise an etherframe with the mac address of the gateway is used.

Yep, you got it.

Thus, using a subnet mask that is too broad (255.255.0.0) should result in the pc thinking that all 192.168.x.x addresses are local. And these will require an etherframe on the local net. But if the necessary mac address is not found, the switch will start frame flooding until it gets a reply.

Almost. If the sender uses a subnetmask that is too wide, and thinks the destination is on the same local network, the sender will want to have it's MAC address. So it can send the packet inside a frame with the destination's MAC address. The sender is supposed to learn this via ARP. So the sender will do an arp-request for the destination's ip-address. But this won't work. Because 1) arp-packets are never forwarded off the local network, and 2) the destination is not on the local network, but somewhere else. Therefor the arp-request will never get a reply.
The sender will wait a few seconds for a reply. And when it doesn't get any, it will do another arp-request. This will continue forever. As long as the sender doesn't get an ARP-reply, it can't put an entry in the ARP-table. And without an entry in the ARP-table, the IP-layer will never send out the packet.

So nothing is being flooded. But there will be arp-requests continuously.

Thank you for your patience, persistence and positive replies. Your encouragement is an example that I will try to remember when I am confronted with someone who is struggling to understand me (if I am ever in the position of being asked a question like this).

Hehe. No problem.
All this stuff isn't really that hard. You need some basic understanding of the core concepts, and then things will become understandable quicker. My own approach has always been: "if I had to make this work, how would I go ahead ? what problems would I need to solve ? how would that work step-by-step". Often the easiest way you can envision a solution yourself, is the way it's done in reality.