I am studying to receive my CCNA and have come across a question that, for some reason, is difficult to conceptualize (at least for me). This is a theoretical question and not what's best practice, as I am sure what I am going to present does not exist intentionally out in the real world.

My Question is: How does a sending host know it's communicating with the right host on the right SUBNET? And if it can't, what are the security-related implications of this?

Consider this setup:

PCA Subnet PCB Subnet

Connected via a layer 2 switch on the same vlan\segment.

These machines are technically on different "subnets", one with a range of 0-255, and the other 0-127.

PCA ( sends traffic to PCB ( and communication is successful, when technically it shouldn't be. These machines are on the same network address, and this test was performed in Packet Tracer.

Choose an IP for PCB from the next subnet in the /25 network (; (I have not done packet capturing on this) my assumption is that communication would be allowed one way, from PCA -> PCB, but PCB would be aware of its own subnet and not reply without a route configured.

Are my assumptions/findings true?

*All tests were performed in Packet Tracer.


I understand how to determine network addresses via subnet masks and the ANDing method. But in the books, they just ask that, by convention, you should avoid overlapping subnets. In VLSM, they say provision the largest network first, then the next largest and so on, without overlapping. But there is nothing technological preventing you from having overlapping ranges and even duplicate ips (at least on a lan). I guess in my example the machines ARE on the same network, regardless of how the subnet is sliced. But what are the security implications of this? locally vs internet?

  • Did any answer help you? If so, you should accept the answer so that the question doesn't keep popping up forever, looking for an answer. Alternatively, you could provide and accept your own answer. – Ron Maupin Aug 14 '17 at 18:42

3 Answers


A host will mask its address and the destination address with its configured mask. If the two values are equal, it means that the destination is on the same network as the host.

PCA:

address = 11000000.10101000.00000001.00000001
mask    = 11111111.11111111.11111111.00000000
network = 11000000.10101000.00000001.00000000

PCB:

address = 11000000.10101000.00000001.00000010
mask    = 11111111.11111111.11111111.10000000
network = 11000000.10101000.00000001.00000000

The networks for the two devices are the same. Where you would run into a problem is with an address that is higher than In that case, PCA would think it's on the same network, and it could send something to PCB, but PCB would think it's on a different network, and it would be unable to reply.

You really need to do addressing in binary to see how it works. This answer is an excellent resource.


You need to avoid overlapping networks because of the problem I described above, and the fact that your router will not let you assign overlapping networks on different interfaces.

You assign the largest networks first to help prevent blocks of unused addresses. This is easy to see if you do this in binary.

  • I understand how to determine network addresses via subnet masks and the ANDing method. But in the books, they just ask that, by convention, you should avoid overlapping subnets. In VLSM, they say provision the largest network first, then the next largest and so on, without overlapping. But there is nothing technological preventing you from having overlapping ranges and even duplicate ips (at least on a lan). I guess in my example the machines ARE on the same network, regardless of how the subnet is sliced. But what are the security implications of this? locally vs internet? thx – j. doe Jun 27 '16 at 21:10
  • You need to avoid overlapping networks because of the problem I described in my answer, and the fact that your router will not let you assign overlapping networks on different interfaces. You assign the largest networks first to help prevent blocks of unused addresses. – Ron Maupin Jun 27 '16 at 21:12
  • Right, best practice is to avoid this, got it. My question is what are the implications of this? Like, if there were a non-standard router out there that would allow such a configuration. Is it possible to abuse something like this out on the internet? or on a lan? – j. doe Jun 27 '16 at 22:04
  • If you could somehow do this, the implication is what I gave you in my answer: one side would think both devices are on the same network, and the other side may not think that, depending on the addressing. This could prevent two-way communication. This is only important if the devices are on the same layer-2 LAN. Across a router, it simply would not work because a device that thinks the other device is on the same network will not send traffic to the router because it thinks the other device is on the same network. – Ron Maupin Jun 27 '16 at 22:07
  • Okay, but I feel your answer is incomplete as I am asking about the implications of the having traffic sent 1 way. Traffic being sent 1 way is the result of overlapping subnets, but does nothing to explain the implication. I.E. could this be exploited? Are there exploits for this type of thing? Are there modified routers out on the net that could take advantage of this? Sort of lay of the land. Thx – j. doe Jun 27 '16 at 22:34
  • It's not about exploits or security; it's about communications problems. It really depends on the application. A multicast application could work well, but any application that uses the common request/reply may be broken. You can't set this up on two interfaces of the same router, and it just will not exist across a router. This situation mostly happens with misconfigured hosts (on the same LAN). On two different LANs, PCA would never send any traffic to PCB since it thinks PCB is on its LAN, and that means it will never send traffic for PCB to the router. – Ron Maupin Jun 27 '16 at 22:44
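The mask-ANDing decision in this answer, and the one-way reachability it describes, worked through in code. This is an added example, not code from the original post; the addresses 192.168.1.1/24 and 192.168.1.2/25 are read off the binary in the answer, and 192.168.1.130 is a constructed address from the upper half of the /25.

```python
"""Subnet-mask ANDing as a host performs it, and the asymmetric
on-link decision that results from overlapping masks."""
import ipaddress
from typing import Tuple


def and_binary(address: str, mask: str) -> str:
    """Return address AND mask as dotted binary, as laid out in the answer."""
    net = int(ipaddress.IPv4Address(address)) & int(ipaddress.IPv4Address(mask))
    return ".".join(f"{(net >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def on_link(host: str, mask: str, dest: str) -> bool:
    """True if `host`, applying its OWN mask to both addresses, concludes
    that `dest` is on its network. This is purely a local decision: the
    host will ARP for `dest` directly instead of sending to a router."""
    h = int(ipaddress.IPv4Address(host))
    d = int(ipaddress.IPv4Address(dest))
    m = int(ipaddress.IPv4Address(mask))
    return (h & m) == (d & m)


def reachability(a: str, a_mask: str, b: str, b_mask: str) -> Tuple[bool, bool]:
    """(A thinks B is on-link, B thinks A is on-link).
    A request/reply exchange on one L2 segment needs both to be True;
    (True, False) is the one-way case from the question."""
    return on_link(a, a_mask, b), on_link(b, b_mask, a)


# Addresses from the answer's binary table (constructed for this example).
PCA, PCA_MASK = "192.168.1.1", "255.255.255.0"      # /24
PCB, PCB_MASK = "192.168.1.2", "255.255.255.128"    # /25, lower half
PCB_UPPER = "192.168.1.130"                         # constructed: /25, upper half

if __name__ == "__main__":
    print("PCA network :", and_binary(PCA, PCA_MASK))
    print("PCB network :", and_binary(PCB, PCB_MASK))
    # Both masks yield the same network, so both sides talk directly.
    print("PCA <-> PCB :", reachability(PCA, PCA_MASK, PCB, PCB_MASK))        # (True, True)
    # PCA still sees .130 as on-link; .130 with its /25 sees PCA as off-link.
    print("PCA <-> .130:", reachability(PCA, PCA_MASK, PCB_UPPER, PCB_MASK))  # (True, False)
```

Where `reachability` returns `(True, False)`, PCA will ARP for the destination and deliver the frame, but the destination will try to hand its reply to a gateway; a host with no default route on that segment simply has nowhere to send it.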

communication is successful, when technically it shouldn't be.

Why shouldn't it be? The subnet mask answers the question "what's on the wire with me?" In this case, both hosts are on the wire together, so they can communicate at layer-2 directly. Broadcast traffic (at L3) between the two hosts won't work because they are listening at different addresses. (255 vs 127)


About the disadvantages:

  1. Overlapped subnets are unnecessary configuration clutter, making some assumptions (different subnets communicate at L3 only and through a router) wrong.

    For example: in the logs on host PCA we see a connection from IP This IP belongs to what subnet?

  2. It is the same risk as placing two non-overlapped subnets in one L2 segment (broadcast segment). Hosts really can communicate at L2 by using a non-IP protocol or by tweaking the IP configuration (adding a static route to the other subnet over the interface).
