7

Currently I have a router that is addressed as 10.2.1.1 on a 10.2.1.0/24 network. All of my hosts have default gateway 10.2.1.1 with mask 255.255.255.0.

I want to know: if I change my router to 10.2.0.0/16 will the hosts that have subnet mask corresponding to /24 still work in the interim (before I reconfigure)?

EDIT: If it is not possible, what is the best way to transition from a smaller subnet to a larger subnet, assuming these are all Windows hosts behind a pfSense device?

EDIT 1: For clarification, I will keep the router address as 10.2.1.1, just make the subnet bigger (/16 instead of /24).

tacos_tacos_tacos
  • 3,250
  • 18
  • 63
  • 100
  • 2
    "change my router to 10.2.0.0/16" needs little clarification. Did you mean to keep IP address 10.2.1.1 on your router and just change subnet mask to 255.255.0.0? If that is the case, hosts with /24 should work in the interim (unless your network has more to it than you have shared with us) – Dusan Bajic Feb 24 '12 at 17:29
  • See this similar question asking about a similar change. http://serverfault.com/questions/360528/changing-netmask-from-24-to-16-on-a-windows-2003-domain – Zoredache Feb 24 '12 at 19:23

2 Answers2

6

It would work somewhat. It depends on how you define work. If you change the netmask on you router, so that instead of having 10.2.1.1/24 it will have 10.2.1.1/16 then:

A host with a 10.2.1.0/24 address could still reach any system with an address between 10.2.1.0-10.2.1.255 with a mask of /24 or /16. The systems would simply use arp resolution and connect directly to the each other. Since from the perspective of both systems they will each be on their local network.

A host with a 10.2.1.0/24 would be able to connect to any host outside of the 10.2.0.0/16 network. It would ARP for the gateway address and connect through the via your router.

The only thing they couldn't reach is hosts on 10.2.0.0/16, but not in the 10.2.1.0/24 range. The host with an address in 10.2.1.0/24 would try to connect via the router, but a host on that subnet, but outside of 10.2.1.0/24 would try to connect directly. Even this can be mitigated, on some routers using something called proxy-arp. You basically have to convince the router to reply to ARP requests on behalf of a system with a 10.2.1.0/24 when the request came from a system not within that subnet.

The key point here is that will work somewhat, but you must fix the netmask on all your systems fixed to the new subnet before you start assigning address space from the other portion of the network.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
0

There are a few potential issues.

  • Hosts with the narrower netmask will send packets to the router that they should have sent directly to another host. Depending on the router and it's configuration it may or may not forward the packets back out over the same interface they came in.
  • The broadcast address will be different. This may screw up some stuff that relies on "Lan discovery" techniques.
  • Hosts with the narrower subnet mask may ignore arp requests from "out of subnet" requesters. This may lead to failure to deliver packets from hosts with the wider mask to hosts with the narrower mask.

Whether these potential issues become actual issues depends very much on your environment. The only way to know for sure is to test.

Peter Green
  • 4,211
  • 12
  • 30