9 Replies Latest reply: Jan 13, 2011 11:17 AM by Mark Heick RSS

    VLAN/IP mapping




      Imagine that we have a switch with 1 VLAN configured and 2 ports in this particular VLAN.

      Further, we have 2 Windows PC plugged in these 2 ports on the switch with different IP configured on their NIC let's say PC1 has and PC2 has


      The question is would PC1 be able to ping PC2 in this case and what is PC's logic?

        • 1. Re: VLAN/IP mapping
          Pete Nugent

          Not as you have described the pcs will not ping each other as they  are oin different subnets.


          PC1 IP /24 is in network

          PC2 IP /24 is in network


          You would need inter vlan routing or a layer 3 device to route between them such as a router.


          If PC 2 had an IP adress of /24 then yes they would be able to ping each other as they are both in the same network and the switch is a layer 2 device.


          Hope that helps

          • 2. Re: VLAN/IP mapping

            The theory behind the question is well-known. PC1 knows that PC2 is on different subnet according to the combination of PC1's IP-address and mask. So it will send a packet to its default gateway after it knows its default gateway L2 address by means of ARP request.


            The question is mostly about if PC1 would check its IP/mask combination first or it would issue an ARP request for PC2 MAC-address discovery before it?

            • 3. Re: VLAN/IP mapping
              Bryan Middleton



              petenugent is absolutely right, just to expand though as to what would happen. PC1 would see that is on a different network and therfore it will send out an ARP request to resolve the MAC address of its default-gateway (if not already in its ARP cache) - it will not send an ARP request for something on a different subnet ( so even though they are physically connected into the same layer 2 broadcast domain it will not work, if you try to remove the default-gateway and then ping you will probably get a ping transmit failure.


              One way that you might be able to technically get around this would be to add static ARP entries to each of the hosts for the corresponding IP/MAC addresses and to then test connectivity between the two but whether or not this would work might be hit/miss depending on the OS of the host machines, NIC driver etc. - it is not something I have tried and practically speaking would be a waste of time although interesting to see the result :-)



              • 4. Re: VLAN/IP mapping

                Bryan, static ARPs would NOT make that work under any circumstance, because once the PC gets the IP-MAC resolution, the workstation routing table still needs to be processed. If there is no gateway, none of the rows in the workstation routing table will match, and you will 100% get a "Destination Host Unreachable" message.

                • 5. Re: VLAN/IP mapping

                  Firstly to answer the question, PC1 will not be able to ping PC2.
                  the logic:

                  1)PC1 does not have the layer2 address of PC2 to complete successful
                  packet delivery and recieve the response.

                  2)The PC1 identifies the destination ip address in question is beyond its
                  subnet based on its ip address/subnet mask combination.
                  I believe you would agree that that it wouldnt be worth the effort for
                  PC1 to send a arp broadcast for a device outside its network.

                  3)The net result would be the PC1 has to direct the packet to its default
                  gateway and let it deliver the packet to the destination.

                  4)Once the DG recieves the packet from PC1,DG has to identify the destination
                  network and the next hop device which will lead to that network.
                  It checks for its route table,if no route is found it will drop
                  the packet,else will forward the packet to the next device.

                  5)The process would continue till the packet reaches the destination and
                  the icmp echo reply follows the same process from PC2 to PC1.

                  This logic will work if both the devices are in the same vlan or
                  different vlans.

                  Now assuming in your question you have already configured DG for each
                  host and DG have a route each of the network, that my friend is your
                  Intervlan routing in itself where the DG are the layer 3 devices(As already
                  pointed by Pete and Brian).

                  Lastly as brian suggested you can go around setting up static arp entries on
                  PC1 and PC2 and it might work,bottom line its not scalable.


                  • 6. Re: VLAN/IP mapping
                    Pete Nugent

                    The question states 1 VLAN 2 seperate networks therefore you need a layer 3 device either intervlan routing on the switch or a router. If you meant on the same subnet then yes it will arp for the second pc if it does not know its mac, as its not on the same subnet it will arp for the default gateways mac if not already known and send the packet to the default gateway. I do believe that is what the question asked.


                    As there is only one VLAN it will never reach PC2 as you will need to create a second VLAN and create routes between the 2 as when the packet hits the default gateway it will just drop it as it does not know where to send it, hence no connectivity.

                    • 7. Re: VLAN/IP mapping
                      Mark Heick


                      As there is only one VLAN it will never reach PC2 as you will need to create a second VLAN ...


                      You don't necessarily need to create separate vlan. You have one vlan and just configure the first subnet defualt gateway address as the primary, and use the second gateway address as the secondary address on the SVI.


                      I do agree that you will need routing to get between the two subnets.

                      • 8. Re: VLAN/IP mapping
                        Pete Nugent



                        Thanks for that, you know I have never come across this, either that or I forgot about it completely, what a cool idea! Sorry maybe I should know this but for whatever reason I simply had no idea,

                        • 9. Re: VLAN/IP mapping
                          Mark Heick



                          No problem. One implementation is when you might be readdressing a location and can't do it all at once so you can have the secondary addresses exist and still maintain connectivity.