Can Devices in the Same VLAN but Different Subnets Ping Each Other??
Currently, there are two computers that reside within the same VLAN.
pcA IP Address: 10.1.1.1/8
pcB IP Address: 11.1.1.1/8
01 Without gateway,A ping B
The message reported is "Destination host unreachable."
Obviously, Machine A has recognized that the target is not within the same subnet as itself and attempts to locate a gateway. However, since no gateway exists, it reports that the host is unreachable. No packets are captured by the sniffer on Machine B, and observing the network card shows only transmissions and no receptions, indicating that the data did not make it past the initial stage.
02 Setting the gateway to target IP,A ping B
The ping is successful. Why is it successful?
Observing the packets captured by the sniffer on Computer A reveals that during the ping process, A first initiates an ARP broadcast. It broadcasts a query asking for the MAC address corresponding to 11.1.1.1.
Obviously, this ARP broadcast can be received by B (since they are in the same VLAN), and 11.1.1.1 is exactly B's IP address. Naturally, B responds to this ARP request. The following diagram shows the packet capture on A, where A first initiates the ARP broadcast and then receives B's response.
In this way, A obtains B's MAC address, and B learns A's MAC address when receiving A's ARP broadcast. Therefore, both sides can successfully ping each other.
03 Setting the gateway to itself,A ping B
The ping is still successful. The packet capture on A is as follows:
The captured results are the same as in the second scenario. A still broadcasts a query for the MAC address of 11.1.1.1. Upon receiving this ARP broadcast, B is obligated to respond. Consequently, both sides learn each other's MAC addresses, allowing them to successfully ping each other.
Unlike the second scenario, here it is clearly understood that the 11.1.1.1 in the ARP refers to the IP address specified in the ping command, rather than the gateway (since A's gateway is now 10.1.1.1).
So, does the 11.1.1.1 in the second scenario also refer to the IP address specified in the ping command? Let's examine further below.
Ping Three Non-Existent IP Addresses
Delve into the Principles of Network Communication
With the gateway set to itself, ping three non-existent IP addresses:
One is within the same subnet as the device itself;
One is within the same subnet as the gateway;
One is not within the same subnet as any of the above.
01 Ping an IP Address within the Same Subnet as Oneself
The ping command returns a timeout, and the packet capture results on B are as follows:
It can be observed that A sent an ARP broadcast inquiring about 10.1.1.2, rather than a broadcast inquiring about the gateway (10.1.1.1). Since this IP does not exist, no device responded to the inquiry.
02 Ping an IP within the same subnet as the gateway.
Timeout occurred. What B received was an ARP broadcast from A inquiring about 11.1.1.2. Since the address 11.1.1.2 does not exist, no device responded.
03 Ping an IP that is not within the same subnet as any device
Timeout occurred. On B, it received an ARP broadcast from A inquiring about 100.1.1.1. Since the address 100.1.1.1 does not exist, no device responded.
From the above three experiments, it can be observed that when the gateway is set to itself, regardless of the pinged address, the ARP broadcast sent by the computer directly inquiries about the MAC address corresponding to the IP specified in the ping command, without inquiring about the MAC address of the gateway. This aligns with the previous description.
In fact, before broadcasting to inquire about the IP specified in the ping command, the computer would typically first inquire about the MAC address of the gateway. However, in this case, since the gateway is set to itself, this step is skipped.
Is this really the case? Let's verify it further.
The IP of B in the gateway settings of AI computer
An IP address that does not exist in B's gateway settings
With the gateway of computer A set to the IP address of B, and the gateway of B set to a non-existent IP address (which is also not in the same network as A or B), there are three scenarios to consider when performing ping operations.
01 Ping an IP address within the same subnet as the gateway.
When capturing packets on A, it can be observed that A first sends an ARP broadcast request for the gateway 11.1.1.1 (corresponding to B receiving this broadcast request). B responds to this ARP request for 11.1.1.1, but since this IP address does not exist, the ping operation results in a timeout.
02 Ping to an IP address that is not within the same subnet as any other device.
Timeout occurred. The result is similar to the outcome in section 5.2. A sent a request regarding the gateway 11.1.1.1, and B responded to it. However, the ping operation timed out.
03 ping the adress of computer B
The result timed out. Why is this not working as expected? According to the previous tests, both computers A and B should be able to obtain each other's MAC addresses. In an Ethernet environment, having a MAC address should allow communication, but in this case, it does not.
Upon examining the packets captured by Sniffer, we can observe the following:
A sent an ARP broadcast request for 11.1.1.1, and B responded to the request for 11.1.1.1. However, subsequently, multiple ARP broadcast requests from B for 100.1.1.1 were received, and the requests for 100.1.1.1 did not receive a response from B. It appears that B has been continuously attempting to query the MAC address corresponding to B's gateway (100.1.1.1). B will not respond to the ping until it obtains the MAC address of the gateway.
From all the experiments above, it can be observed that when a computer communicates with an address that is not within its own subnet, the computer first looks up the MAC address of the gateway. If the MAC address of the gateway does not receive a response, the computer will not respond to the ping.
Therefore, the situations in examples 1 and 2 are special cases, which exploit the fact that the gateway and the host IP are the same, thereby deceiving the computer. If the gateways of A and B are set to IPs unrelated to A and B, respectively, they will definitely not be able to communicate with each other.