Get AI summaries of any video or article — Sign up free
Subnetting…..but in reverse thumbnail

Subnetting…..but in reverse

NetworkChuck·
4 min read

Based on NetworkChuck's video on YouTube. If you like this content, support the original creators by watching, liking and subscribing to their content.

TL;DR

Reverse subnetting reconstructs network address, broadcast address, and range from an existing IP configuration when subnetting was already applied.

Briefing

A host losing all network access can come down to a simple but non-obvious subnetting mistake: the IP address might be “valid” for its subnet, yet the default gateway can land in a different subnet entirely—leaving the machine unable to ping anything, including the internet. The core task is “reverse subnetting,” where subnetting has already been applied and the job becomes reconstructing the network, broadcast, and valid host ranges from an existing IP configuration.

The walkthrough starts with real-world-style troubleshooting. Using an IP address, subnet mask, and default gateway from a problem host (Beatrice), the goal is to determine the network address, broadcast address, and network range. Because the subnet mask is already present, the process focuses on working backward: convert the subnet mask from decimal to binary, identify the slash length by counting contiguous “1” bits, then compute the increment (the value of the last network bit). That increment dictates where network boundaries fall.

With the mask converted to binary, the subnet is determined to be /20, meaning the increment is 16. Instead of incrementing in the usual fourth octet (common with class C thinking), the boundaries shift in the third octet. That’s the key mental pivot: network ranges advance by 16 in the third octet, producing ranges like 172.17.0.0–172.31.0.255 (with the network address and broadcast address derived accordingly). The example also highlights a subtle validity check: an IP ending in 255 can be a broadcast address and normally shouldn’t be assigned—but depending on the size of the subnet, even values that look suspicious at first glance can still fall within a valid range. In this case, Beatrice’s IP is treated as valid for its subnet.

Even with a valid IP, connectivity still fails. The reason emerges when comparing subnets between hosts. Bernard Hackwell’s IP places him in a different network segment than Beatrice—effectively “on different planets.” The decisive clue is Beatrice’s default gateway: it points to 172.17.0.1, which is not in the same subnet as her actual network. Since routers only forward traffic when the destination is outside the local subnet—and because the gateway itself isn’t reachable as a local neighbor—Beatrice can’t even reach the router, so pings to Bernard and external destinations fail.

By reconstructing the subnet boundaries from the configured mask, the troubleshooting becomes mechanical: compute the network address, broadcast address, and range; verify whether the default gateway belongs to the same subnet; then confirm whether other hosts share that same network range. The episode frames reverse subnetting as a practical superpower for CCNA-style exam questions and real troubleshooting tickets, ending with a teaser: the next step is subnetting a subnet—pushing the same logic further into more complex scenarios.

Cornell Notes

Reverse subnetting turns an existing IP configuration into the missing subnet details: network address, broadcast address, and the valid network range. The method hinges on converting the subnet mask to binary, counting contiguous network bits to get the prefix length (/20 in the example), and using the increment (16) to determine where network boundaries fall. A key twist is that boundaries may move in the third octet rather than the fourth, changing how ranges are constructed. The practical payoff is troubleshooting: Beatrice’s IP can be valid for its subnet, yet her default gateway can sit in a different subnet, making the router unreachable and breaking connectivity.

What does “reverse subnetting” mean in troubleshooting terms?

It means the subnet mask and IP configuration already exist, so the task is to reconstruct the subnet’s network address, broadcast address, and range from those values. Instead of designing a subnet from scratch, the analyst works backward from the configured IP address, subnet mask, and default gateway to determine whether the host and gateway actually belong to the same subnet.

How do you determine the prefix length and increment from a subnet mask?

Convert the subnet mask from decimal to binary, then count the contiguous “1” bits to get the prefix length (slash notation). In the example, the mask corresponds to /20. The increment comes from the last network bit in the mask; here it is 16, which becomes the step size for where network boundaries occur.

Why does the example increment in the third octet instead of the fourth?

Because the /20 mask makes the network bits extend into the third octet. With /20, the third octet changes in steps of 16 (0, 16, 32, 48, …). That’s why ranges like 172.17.0.0–172.31.0.255 are formed by incrementing the third octet, not the fourth.

How can an IP address be “valid” but the host still can’t communicate?

Validity for the subnet doesn’t guarantee reachability to the router. In the scenario, Beatrice’s IP fits within the computed subnet range, but her default gateway (172.17.0.1) is not in the same subnet as her actual network. Since the gateway isn’t reachable as a local neighbor, the host can’t forward traffic, so pings fail.

What’s the fastest way to spot the subnet mismatch between two hosts?

Compute each host’s network range from its IP and subnet mask, then compare those ranges. If the network addresses (and thus the ranges) don’t match, the hosts are in different subnets and will rely on the router—unless the default gateway itself is mis-subnetted, in which case even router access breaks.

Review Questions

  1. Given an IP address and subnet mask, what steps let you compute the network address, broadcast address, and increment without relying on classful assumptions?
  2. If a host can’t ping anything, how would you use reverse subnetting to check whether the default gateway is in the same subnet?
  3. Why might an IP value that looks like a broadcast address still be usable in some subnet sizes?

Key Points

  1. 1

    Reverse subnetting reconstructs network address, broadcast address, and range from an existing IP configuration when subnetting was already applied.

  2. 2

    Convert the subnet mask to binary, count contiguous network bits to get the prefix length, and use the last network bit to find the increment.

  3. 3

    With masks like /20, network boundaries can shift in the third octet, so incrementing may not follow the usual fourth-octet pattern.

  4. 4

    An IP can be valid within its computed subnet range while still failing connectivity if the default gateway is in a different subnet.

  5. 5

    A practical connectivity check is to verify that the default gateway’s IP falls inside the same computed network range as the host.

  6. 6

    Comparing computed network ranges between hosts quickly reveals whether they share a subnet or require correct routing.

Highlights

The decisive failure mode isn’t just a bad IP—it’s a default gateway that lands outside the host’s own subnet, making the router unreachable.
For a /20 mask, the increment is 16, and network ranges advance in the third octet (a common mental trap).
Reverse subnetting turns a confusing “can’t ping anything” ticket into a deterministic subnet-boundary check.

Topics

  • Reverse Subnetting
  • Subnet Masks
  • CCNA Troubleshooting
  • IP Addressing
  • Network Ranges

Mentioned

  • CCNA

Get summaries like this for any content

Videos, articles, research papers — all summarized by AI and searchable in one place.

Start building your library