Fun CCNA Challenge

ColbyG

I got this question about a ticket from one of our offshore engineers:

The user on one pc cannot access 192.168.199.101 (dvr)
but the user can access the same device from other pc
both pc are in same subnet 192.168.198.0 /23
first pc ip address 192.168.198.132 (cannot access dvr)
second pc ip address 192.168.199.13 (can access dvr)
can't ping dvr from local subnet either 192.168.1.120

What's the issue?

shaqazoolu

Is there an ACL involved?

ColbyG

No sir.

notgoing2fail

is it a subnet mask issue? I'm trying to work out the network addressing scheme....

BTW: What is DVR?

ColbyG

notgoing2fail wrote: »

is it a subnet mask issue? I'm trying to work out the network addressing scheme....

BTW: What is DVR?

I don't know, is it?

DVR = Digital Video Recorder, like a Tivo if used at home. We have them at work for our security cameras.

notgoing2fail

ColbyG wrote: »

I don't know, is it?

DVR = Digital Video Recorder, like a Tivo if used at home. We have them at work for our security cameras.

LOL here I thought it was some Cisco term I never heard of...


Now back to the issue....

notgoing2fail

This is a tough one because we don't really know how the routing is configured.

I don't expect the DVR itself to have any kind of configuration that allows one PC to ping it and not another so we can safely rule that out. (eek, unless it does)

I'm a little perplexed by the /23 with it being a class C address....

motherwolf

looks like all devices are in the same subnet: 192.168.198.0-192.168.199.254

Is the switchport shut down?

2URGSE

notgoing2fail wrote: »

is it a subnet mask issue? I'm trying to work out the network addressing scheme....

BTW: What is DVR?

Digitial Video Recorder. (Has a built in Hard disk drive), used in CCTV systems and other systems where you want to record live video onto a disk.


That's what I'm thinking......if there are no ACL's.

2URGSE

If it's not layer 3 issue.........then I guess we should move to layer 2 troubleshooting or if there's more info.........


:

alan2308

I'm going to go with one of the devices, either PC1 or the DVR, being configured with an incorrect subnet mask (say, 255.255.255.0). If that's the case, then of course communication with PC2 will still work just fine (no matter which has the incorrect subnet mask), but it will fail for PC1. PC1 will be able to reach the DVR just fine, but the DVR will have no return path to PC1 (we all know this situation pretty well here, right guys?).

The host at 192.168.1.120 is on a different network, so there's a number of different possibilities on that one. For all we know, the network could be designed to not allow access to the DVR from outside of the local subnet.

ColbyG

alan2308 wrote: »

I'm going to go with one of the devices, either PC1 or the DVR, being configured with an incorrect subnet mask (say, 255.255.255.0). If that's the case, then of course communication with PC2 will still work just fine (no matter which has the incorrect subnet mask), but it will fail for PC1. PC1 will be able to reach the DVR just fine, but the DVR will have no return path to PC1 (we all know this situation pretty well here, right guys?).

The host at 192.168.1.120 is on a different network, so there's a number of different possibilities on that one. For all we know, the network could be designed to not allow access to the DVR from outside of the local subnet.

You win. Here's the logic:

It could be the gateway and mask, but it's definitely the mask. The DVR can reach stuff on its own /24, but not the /23. So that means the mask is likely /24 because that's what people are used to. The gateway is probably also wrong, they likely set it to .1 of the /24.

If only the gateway were wrong, it would be able to talk to the /23, but nothing outside the subnet.

Now, I'm speculating here as I don't have a firm resolution from the offshore guys, I simply told them what I think is most likely (really the only thing I think it can be).

alan2308

ColbyG wrote: »

You win.

YAY ME!!!!


And on a completely unrelated note, earlier this week I finally got around to setting up a profile on Linked In, and you showed up in the "People you may know" box.

ColbyG

alan2308 wrote: »

YAY ME!!!!


And on a completely unrelated note, earlier this week I finally got around to setting up a profile on Linked In, and you showed up in the "People you may know" box.

Did you add me? I'm a rockin' LinkedIn friend, haha.

alan2308

ColbyG wrote: »

Did you add me? I'm a rockin' LinkedIn friend, haha.

yea, just did.


Edit: Anyone know how do they come up with that list? I didn't really give them any info at that point. One was my father in law, one was my sister in law's SO, and the other two I have no idea who they are. Can't be a random 5.

2URGSE

ColbyG wrote: »

You win. Here's the logic:

It could be the gateway and mask, but it's definitely the mask. The DVR can reach stuff on its own /24, but not the /23. So that means the mask is likely /24 because that's what people are used to. The gateway is probably also wrong, they likely set it to .1 of the /24.

If only the gateway were wrong, it would be able to talk to the /23, but nothing outside the subnet.

Now, I'm speculating here as I don't have a firm resolution from the offshore guys, I simply told them what I think is most likely (really the only thing I think it can be).

I'm a bit lost here.

The first thing I did is take 192.168.198.0 /23 and figure out the basics, so:

Network address = 192.168.198.0

Broadcast address = 192.168.199.255

Range = 192.168.198.1 to 192.168.199.254


At this point I concluded that all the devices (PC1, PC2 and the DVR) have valid IP addresses in the /23 mask.

Where did the /24 mask came from? I did not see it in the original problem.

2URGSE

Ok, I thought about it more.

The original problem did not mention what mask the DVR was in....... so I can't assume it's in /23.......???

ColbyG

2URGSE wrote: »

I'm a bit lost here.

The first thing I did is take 192.168.198.0 /23 and figure out the basics, so:

Network address = 192.168.198.0

Broadcast address = 192.168.199.255

Range = 192.168.198.1 to 192.168.199.254


At this point I concluded that all the devices (PC1, PC2 and the DVR) have valid IP addresses in the /23 mask.

Where did the /24 mask came from? I did not see it in the original problem.

Look at the IPs that can and cannot ping each other.

alan2308

2URGSE wrote: »

Ok, I thought about it more.

The original problem did not mention what mask the DVR was in....... so I can't assume it's in /23.......???

Assume nothing. You only know that the three devices SHOULD all be /23.

bermovick

Am I the only one confused how a class C can be /23 ?

Project2501

bermovick wrote: »

Am I the only one confused how a class C can be /23 ?

VLSM.

Classfull routing died a while ago.

x5150

Can the pc that can't ping the dvr , ping anything at all? All three devices could be on the same switch and vlan and correctly set with the right mask. The switch could have been set to learn only one MAC and the PC that can't ping got a new NIC. ?

ColbyG

x5150 wrote: »

Can the pc that can't ping the dvr , ping anything at all? All three devices could be on the same switch and vlan and correctly set with the right mask. The switch could have been set to learn only one MAC and the PC that can't ping got a new NIC. ?

That's overthinking it a bit, IMO. Also, if this were the case, pinging the DVR from another subnet should work.

Heero

2URGSE wrote: »

Ok, I thought about it more.

The original problem did not mention what mask the DVR was in....... so I can't assume it's in /23.......???

yep, its a trouble ticket. You cannot assume anything is configured correctly, except for what is verified. Took me about 5 seconds to think that there was a good chance it was an incorrect mask on the DVR. Just because the subnet is /23 does not mean that it was correctly configured. You would not be getting a trouble ticket if it was