[ale] Question on network

Brian Mathis brian.mathis+ale at betteradmin.com
Thu Jan 23 11:01:10 EST 2014


Here's some information that may help:

The idea of "Class A, B, C" networks is long gone.  In the old days, you
could generally think of subnets having those classes, corresponding to
netmasks of 255.0.0.0 (class A), 255.255.0.0 (class B), and 255.255.255.0
(class C).  This is not strictly correct, but it's good enough for the
purposes of this discussion.

In modern times we have moved to "Classless Inter-Domain Routing", or CIDR
subnetting.  This is what you are indicating when you use the "/" notation
on the end of a subnet, like 192.168.1.0/24.  The / is not simply a
shortcut to save you typing, but indicates that you are actually using CIDR
subnets.  The / number indicates how many bits are in the netmask, and some
of these just happen to match up with the old idea of class-ful networks
(/8 = class A;  /16 = class B;  /24 = class C), but you can have other
numbers as well, each one giving you a network with a different number of
hosts.  You can make a subnet smaller by allocating more mask bits to the
subnet (/25), or make it larger by using fewer mask bits (/23).

Here's a good site where you can play with the IP ranges and subnet masks
to see how choosing a different CIDR changes your other network parameters:
http://www.subnet-calculator.com/cidr.php


Subnetting is done to isolate broadcast domains -- that is -- if a host
needs something and it doesn't know who to talk to, it will send out a
broadcast packet asking anyone to respond.  This happens frequently, and
many services on your network can do this.  Open up Wireshark or tcpdump
and you can see that there's probably a lot more broadcast traffic than you
think.  If you get too many hosts on a network, productive network traffic
can get drowned out by the broadcasts, so you want to try to keep subnets
to a reasonable size.


Regarding gateway/firewall IP addresses.  When a host is talking to another
host within the local subnet, they talk directly to each other.  However,
if a host is trying to talk to someone outside of the subnet, it can't talk
directly to it, so it sends the packet to the default gateway and says "you
deal with it".  The default gateway IP address is just that address set
aside within the local network for the gateway to use, and has no other
special properties.  From a subnet perspective, the gateway IP address is
just another host on the subnet.


Given your situation, what you are talking about doing is feasible.  You
can blow up your subnet to a /16, or even just go to a /23, which will give
you 510 available addresses.  I don't think there's much harm in going to a
/16 as long as you don't fill it up, but it's certainly a huge subnet.  You
don't need to change your gateway IP address (you do need to update the
subnet mask on that device), but you need to make sure that you don't
accidentally use that IP for other things (such as if you modify your DHCP
range).

I think a bigger problem you might have is that since you're out of IPs, it
means you have 254 hosts already on one subnet, and you're probably already
seeing performance problems because of that.  You really need to consider
implementing separate subnets instead of making one big one.


❧ Brian Mathis



On Wed, Jan 22, 2014 at 10:55 PM, Chuck Payne <terrorpup at gmail.com> wrote:

> Guys,
>
> I need to ask a question, I am weak on networking. Everywhere I have
> worked we had a network guy, so I didn't have to deal with this much.
>
> Currently where I work I am about to run out of IPs, for now everything is
> 192.168.11.0/24 let's say
>
> We are using a Class C ( 10.11.0.0/24 254 Hosts Usable ), our head
> program was us to move to a class B ( 192.168.0.0/16 65534 Host Usable
> )
>
> My question is this, I currently have a firewall that is my gateway,
> it is 192.168.11.254/255.255.255.0
>
> If I change all the IPs, even the gateway netmask, from 255.255.255.0
> to 255.255.0.0, will it work with my gateway? Then can I use any IP on
> the 192.168.0.0 range with my gateway?
>
> So for example I set up the following to use
>
> 192.168.10.0/255.255.0.0
> 192.168.11.0/255.255.0.0
> 192.168.12.0/255.255.0.0
>
> I am currently reading a few books, but they aren't answering my question.
>
> I like to be able for IPs to work together with the one firewall. By the
> way, I know that 192.168.0.0/24 is a private range for a class C, and
> what I am talking would be better with 10.0.0.0/16, but I am used to
> working with 192.168.0.0.
>
>
>
> --
> Terror PUP a.k.a
> Chuck "PUP" Payne
>
>
>
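
An added example, not part of the original messages: it uses Python's standard `ipaddress` module to show what the /24, /23 and /16 choices discussed in the reply do to the subnet around the 192.168.11.254 gateway, including which of the three /24 blocks from the question become directly reachable, and whether a DHCP pool would hand out the gateway's address. The function names `plan` and `dhcp_collides`, the sample host addresses and the DHCP pool bounds are constructed for illustration.

```python
import ipaddress

GATEWAY = ipaddress.ip_address("192.168.11.254")  # firewall address from the thread

# Constructed sample hosts, one in each /24 block listed in the question.
SAMPLE_HOSTS = [ipaddress.ip_address(a) for a in
                ("192.168.10.20", "192.168.11.20", "192.168.12.20")]


def plan(prefix_len):
    """Describe the subnet the gateway ends up in for a given prefix length."""
    # strict=False accepts a host address and returns the enclosing network.
    net = ipaddress.ip_network(f"{GATEWAY}/{prefix_len}", strict=False)
    return {
        "network": str(net),
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        # Network and broadcast addresses cannot be assigned to hosts.
        "usable_hosts": net.num_addresses - 2,
        # The gateway must stay an ordinary host address after the change.
        "gateway_is_host": GATEWAY in net and GATEWAY not in (
            net.network_address, net.broadcast_address),
        # Hosts in the same subnet talk directly and share one broadcast
        # domain; everything else is sent to the default gateway.
        "on_link": [str(h) for h in SAMPLE_HOSTS if h in net],
    }


def dhcp_collides(pool_start, pool_end, reserved=GATEWAY):
    """True if a DHCP pool (inclusive bounds) would hand out the reserved IP."""
    start = ipaddress.ip_address(pool_start)
    end = ipaddress.ip_address(pool_end)
    return start <= reserved <= end


if __name__ == "__main__":
    for prefix in (24, 23, 16):
        print(f"/{prefix}: {plan(prefix)}")
    # Constructed pools: the first swallows the gateway, the second avoids it.
    print(dhcp_collides("192.168.10.1", "192.168.11.254"))
    print(dhcp_collides("192.168.10.1", "192.168.11.200"))
```

Note that a /23 around the existing gateway is 192.168.10.0/23, so it takes in 192.168.10.x and 192.168.11.x but not 192.168.12.x.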