3.4 Subnet Logic, Host Ranges, and Gateways

Deciding local versus remote

Subnetting is not just a math topic. It tells a host whether a destination is local or remote. If the destination IP is in the same subnet, the host tries to send directly on the local network. For IPv4, it uses ARP to learn the destination MAC address, then sends an Ethernet frame to that MAC. If the destination is outside the local subnet, the host sends the frame to the default gateway MAC address. The IP packet still has the final remote destination IP, but the Layer 2 frame is addressed to the router interface.

Start with easy /24 logic. In 192.168.10.0/24, the network address is 192.168.10.0, the broadcast address is 192.168.10.255, and usable hosts are 192.168.10.1 through 192.168.10.254. A common gateway is the first or last usable address, such as 192.168.10.1 or 192.168.10.254, but that is a design choice. The default gateway configured on a host must be an IP address on the same subnet as the host.

Smaller subnets require block-size thinking. A /26 mask is 255.255.255.192. The interesting octet has a block size of 64 because 256 minus 192 equals 64. The /26 networks in a /24 boundary are .0, .64, .128, and .192. For 192.168.10.70/26, the address falls in the .64 subnet. The network address is 192.168.10.64, the broadcast address is 192.168.10.127, and usable hosts are 192.168.10.65 through 192.168.10.126. A gateway of 192.168.10.1 would be outside that subnet and would not work for that host.

A /28 mask is 255.255.255.240, with block size 16. 192.168.5.33/28 falls in the 192.168.5.32 subnet. The broadcast address is 192.168.5.47; usable hosts are .33 through .46. If a static printer is set to 192.168.5.47/28, it is using the broadcast address and should be corrected. If it is set to 192.168.5.48/28, it is in the next subnet, not the same subnet.

Use the gateway as a boundary test. A host at 10.10.20.25/24 with gateway 10.10.20.1 has a plausible configuration. A host at 10.10.20.25/24 with gateway 10.10.21.1 does not, because the gateway is outside the host subnet. A host at 10.10.20.25/23 with gateway 10.10.21.1 may be valid, because /23 combines two adjacent /24-sized ranges. The mask changes the answer.

Default gateway issues are common in support tickets. If a client can reach another device in the same subnet but cannot reach the internet, remote VLANs, or DNS servers outside the subnet, check the gateway. If the client cannot reach even local peers, check link, Wi-Fi association, VLAN, IP address, mask, duplicate IP, and local firewall. If only some remote networks fail, the client's gateway may be fine and the issue may be routing beyond the first hop.

DHCP reduces manual errors by assigning address, mask, gateway, and DNS settings together. Static configuration is still used for infrastructure, printers, cameras, servers, and lab devices, but it must be documented. Avoid assigning static hosts from the middle of a DHCP scope unless reservations or exclusions are configured; duplicate IP addresses cause intermittent and confusing failures.

In tickets, record both symptom and scope: local subnet works or fails, default gateway ping works or fails, DNS by name works or fails, and known working comparison devices. This lets an engineer tell whether the likely problem is host configuration, switch/VLAN placement, DHCP, routing, or an upstream firewall.

Study Checkpoint

• Topic: 3.4 Subnet Logic, Host Ranges, and Gateways.
• Verify the official Cisco concept before memorizing a shortcut.
• Practice the technician action: observe, document, test, fix when supported, or escalate.