A new Linux application server has been placed on VLAN 20. The routing design document shows that VLAN 20 uses the contiguous address block 10.10.20.0/23 and that the Layer-3 SVI on the distribution switch is 10.10.20.1/23.
After the build is finished, users report they can SSH to the server from 10.10.21.0 addresses but not from 10.10.20.0 addresses or any other subnet. You log on locally and run ip addr:
eth0: inet 10.10.21.80/24 brd 10.10.21.255 scope global eth0
default via 10.10.21.1 dev eth0 metric 100
Which single change will most likely restore full connectivity without adding static routes or proxy ARP work-arounds?
Change the default gateway to 10.10.20.1.
Add a static route for 10.10.20.0/24 via 10.10.20.1.
Update the subnet mask on eth0 to 255.255.254.0 (/23).
The server was built with a /24 (255.255.255.0) prefix, but VLAN 20 is actually a /23 (255.255.254.0) network that spans both 10.10.20.0 and 10.10.21.0. Because of the narrower mask, the server believes hosts in 10.10.20.0 are on a remote network and therefore ARPs only for the default gateway (10.10.21.1). Those ARP requests never succeed, so traffic to 10.10.20.0-and to any other subnet-is dropped. Correcting the subnet mask makes the server recognize that 10.10.20.0/23 is local; it can then ARP directly for the SVI (10.10.20.1) and for peers in both halves of the /23.
Changing the default gateway alone will not help while the mask is wrong, adding static routes is unnecessary, and MTU size has no bearing on the routing decision.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the subnet mask 255.255.254.0 (/23) indicate?
Open an interactive chat with Bash
Why didn’t the incorrect /24 subnet mask allow proper communication?
Open an interactive chat with Bash
What is ARP, and why was it failing in this scenario?