Non-symmetric network failure is caused by subnet mask faults

Source: Internet
Author: User
Tags website server

Non-symmetric network failure is caused by subnet mask faults
Network connectivity is a common phenomenon. I believe many people will focus on Network cables, Nic drivers, and nic parameters. When checking Nic parameters, they may also focus on key parameters such as IP addresses, Gateway Addresses, DNS servers, and DHCP servers. In fact, there is also a network parameter-subnet mask, which is also very important. If we ignore the settings or set it incorrectly, it will also lead to network failure. Because the subnet mask parameter is not valued at ordinary times, once this parameter causes a network failure, it is easy to avoid this problem! Fault description: Asymmetric networks cannot communicate with a company or its subsidiaries through broadband optical fiber connections directly with the local telecommunications department, and the company's internal network is formed through the telecommunications network, the networks of subsidiaries can not only access each other, but also the network of the headquarters and even the Internet. The Corporation can access the networks of subsidiaries and the Internet. Recently, Company A responded that it was unable to access the website servers of the company, so that they could not report data to the company through the network. After preliminary checks, the head office network administrator finds that the network between the head office and A subsidiary cannot be pinged to each other. However, the head office can not only PING the networks of other subsidiaries, but also access the Internet, although A sub-company cannot PING the networks of other sub-companies and the corporate network, it can access the Internet. Troubleshooting: Firewall and telecommunications? Through the fault description above, the head office network administrator believes that since the Head Office can PING the networks of other subsidiaries, this indicates that the network on the head office is working normally, the problem may occur in A subsidiary's network or local telecommunications department. A subsidiary's network can access the Internet, this shows that there should be no problems in the physical connection between A subsidiary's network and the local telecom network. The Network Administrator also initially thought that A subsidiary's network had no problems in parameter configuration. However, subsidiary A's network cannot be pinged to other subsidiaries, which also indicates that the cause of the fault should be in subsidiary A's network or local telecommunications department. However, the network administrator is very puzzled: Generally, the company network and A subsidiary network can access the Internet and the same website content at the same time, they should also be accessible to each other unless they have enabled the anti-fire wall filter function to deny access to their respective networks. However, after the actual check, the network administrators on both sides have temporarily disabled the firewall and still cannot solve the network failure. This indicates that the network failure is irrelevant to the anti-fire wall filtering function. After the firewall is ruled out, the Head Office's Network Administrator believes that the cause of the fault may occur in the routing settings of the local telecommunications department to the subsidiary's network, therefore, the Network Administrator logs on to the backend management interface of the local router and tracks the routes of the subsidiary network. To find out what is tricky, the network administrator tracked the routes of the networks of several other subsidiaries. After carefully comparing the tracing results, the Network Administrator found that there was a significant loop between the 202.102.11.156 address and the 202.102.11.254 address. After finding the address filing information, he found that these addresses were from the telecommunications department. It seems that the key to the problem is here! Considering that the cause of the fault involves the telecommunications department, the Administrator is very careful because if the Telecommunications Department has an address loop, many users will have to seek help from the telecommunications department for a long time, can't the fault be solved till now? Therefore, the network administrator decided to first find the problem from himself. If the problem could not be found, it would be too late to report a network fault to the telecommunications department, the Network Administrator checked the servers and routers of the company respectively, and asked the network administrators of other subsidiaries to perform the tests. After repeated tests, the Network Administrator confirmed that the company's network did not have any problems. Before officially reporting A network fault to the telecommunications department, the Head Office's network administrator has not forgotten to inform the network administrator of A's subsidiary about the parameter settings of the local subnetwork, and asked him to report the inspection results in a timely manner so that the company could decide whether to uniformly report network faults to the telecommunications department. Not long ago, A subsidiary's Network Administrator called and said that when checking local route settings, it was found that "255.255.255.255.192" was set to "255.255.255.0" when the subnet mask parameter was set "; according to the network administrator of Company A, although he sets the parameter table assigned by the Company, however, due to operational habits, the router subnet mask parameter is accidentally entered into the Intranet mask address. After the address is changed, the network of Company A can access the server of the company immediately. So far, the network failure mentioned in this article has been successfully solved, and the final "subnet mask" of this fault is unnoticeable. Fault Summary: Why can't I connect to the Internet but the headquarters find the cause of the fault? It is not difficult to explain the strange network phenomena mentioned above. For example, if the subnet mask parameter of Company A is set improperly, the network of Company A can still access the Internet. This is because the router of this subnet has A default route record, this route record can forward network data from Company A to the Internet port, so that Company A can access the content in the Internet. Company A's network is unable to PING the company's network, mainly because of an error in the subnet mask parameter settings of the company. We know that before a host sends an Internet request, it often determines whether the target host is in a local subnet. If it is in the same subnet, it will directly send the Internet request to the target host, if it is not in the same subnet, the request will be sent to the specified gateway. How does a local host identify whether the target host belongs to a local subnet or an Internet network? It mainly relies on subnet mask addresses. Assume that, under normal conditions, Company A's network mask address is 255.255.255.255.192, at this time, when A subsidiary's 202.102.11.87 host tries to access the Head Office's website server (this server address is assumed to be 202.102.11.2), the local host will think that the 202.102.11.2 server is located on the Internet, therefore, it sends an Internet request to the local gateway. In this case, the 202.102.11.87 host of Company A can PING the server of the company. Once the network mask address of Company A is changed to 255.255.255.0, the local host considers that the address 202.102.11.87 and 202.102.11.2 are in the same network segment, therefore, the local host directly sends an Internet request to the target host instead of forwarding it to the local gateway. In fact, the local subnet does not have the IP address 202.102.11.2, therefore, the 202.102.11.87 host of Company A cannot be pinged to the server of the company. The reason why the company's network cannot PING the network of Company A's subsidiary is mainly because the network mask address of Company A's subsidiary is incorrect, and the data request information from the Internet cannot reach the target host correctly, therefore, the route entry of Company A is considered to be inaccessible. TIPS: The subnet mask plays an important role. Many users who contact the network for the first time often think that by observing the IP address, they can determine whether the two IP addresses belong to the same subnet, in fact, they ignore the important parameter subnet mask. Generally, to check whether two IP addresses are in the same subnet, both the IP address and the subnet mask address are required. For example, the IP address of a workstation is 10.192.0.1, the corresponding subnet mask address is 255.255.255.0, the IP address of another workstation is 10.192.1.1, and the corresponding subnet mask address is 255.255.255.0, they are not in the same subnet, because the subnet mask address shows that the subnet network number of the previous workstation is 10.192.0.0, And the subnet network number of the next workstation is 10.192.1.0. For example, the IP address of a workstation is 10.192.0.1, the corresponding subnet mask address is 255.255.0.0, the IP address of another workstation is 10.192.1.1, and the corresponding subnet mask address is 255.255.0.0, they are in the same subnet, because the subnet mask address shows that the subnet network number of the previous workstation is 10.192.0.0, And the subnet network number of the other workstation is 10.192.0.0. Therefore, from the two examples above, it is not difficult to see the two IP addresses of the same. If they correspond to different subnet mask addresses, the two addresses may belong to different subnets, it may also be in the same subnet.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.