
Conference noted::seal

Title: SEAL
Moderator: GALVIA::SMITH
Created: Mon Mar 21 1994
Last Modified: Fri Jun 06 1997
Last Successful Update: Fri Jun 06 1997
Number of topics: 1989
Total number of notes: 8209

1762.0. "Using a subnet as rednet" by NETRIX::"[email protected]" (Sebastian Lülsdorf) Mon Feb 03 1997 09:31

Hi,

has anybody connected a Class-B-net to the internet so far? And used the 
tunnel? Well, then:

I am planning the installation of an AFWU. The customer is currently connected
to the internet with a registered Class-B-network without a firewall. (!)

In addition to the firewall there will be
- a group tunnel to a remote site through the internet, with the tunnel 
server running on the same machine with the firewall
- some public servers on the customer's rednet.

          Internet ----- remote site
              |
          red Class-C-subnet ---- public WWW, anonymous ftp
              |
          Firewall & TunnelServer
              |
          blue rest-of-Class-B-net with 1000s of hosts

There is no hope to get an additional Class-C-network. So I'm planning to
separate one Class-C-subnet for the rednet. Its addresses are not yet used
internally.

Please tell me your experiences/opinions on the following:

1.) The customer is hoping that he doesn't need to change the netmasks 
of the internal systems (there are literally thousands of hosts).
Will this work?

My opinion is: yes (with the only exception that traffic between blue and
red systems can only happen via proxies, not through the screen).

2.) What about the group tunnel: the remote tunnel server will announce a
route into its network pointing to my customer's net. I am afraid this route 
will announce the whole Class-B-net, because RIP doesn't announce netmasks.
Therefore the traffic from the remote site to my customer's rednet will go
through the tunnel. At this point they might run into an infinite loop,
because the tunnel server itself is reached through the tunnel?

Could a static route at the remote site pointing to my rednet solve this
issue?

Thanks,
Sebastian
 
[Posted by WWW Notes gateway]
1762.1. "Hey, why doesn't anybody reply?" by NETRIX::"[email protected]" (Sebastian Lülsdorf) Thu Feb 13 1997 05:42

Hi,

isn't there anybody out there in Digital's cyberspace who might have some
helpful hints on this? PLEASE! (If I haven't explained well enough
what I mean in .0, please ask in here or contact me by mail.)

Thank you very much,
Sebastian
[Posted by WWW Notes gateway]

1762.2. "they really aren't subnetting?" by PARZVL::ogodhcp-125-128-38.ogo.dec.com::kennedy (nuncam non paratus) Thu Feb 13 1997 16:12

Sebastian,

So they have a single, flat class B net, with no routers, just
1000s of hosts all chatting on the same LAN?

If not, then they're already subnetting, so you should
be able to do what you want.


1762.3. "No they aren't. - My idea for subnetting, please comment" by NETRIX::"[email protected]" (Sebastian Lülsdorf) Thu Feb 20 1997 08:12

Hello,

they really have NO internal subnets and NO routers. All hosts have full 
class-B netmask 255.255.0.0.
(They started like that because they believed subnetting would cause too 
much administration effort because things are frequently changing. Now they
have thousands of hosts and just WANT to keep it like this.)

So here is my current idea what to do:

1. Have a subnet for the bluenet as big as possible

Subnetting a class B net in two parts of equal size requires 2 more bits for
the netmask, which will be 255.255.192.0. One network can be x.y.64.0.
It may have 16382 hosts from x.y.64.1 to x.y.127.254.

(I know, subnetting like this costs 50% of the potential class-B address space
just as a fee. And if they have blue hosts out of the allowed address
range, they must reconfigure them. Fortunately most of the existing hosts are
within this range.)

2. Have a subnet for the rednet with reasonable size

From step 1 there is now a second net x.y.128.0, mask 255.255.192.0.
To use this as the rednet would be another big waste of address space, 
because for the rednet a few IP addresses would do. But routing is easier
using a class C subnet mask 255.255.255.0.
So the red network can be x.y.191.0, allowing 254 hosts.

3. Later on, the free space from step 2 may be added to the bluenet via
router.
And when they run out of space again, they can reorganize into
Class-C-subnets.

- Do you think this makes sense?

Sebastian
[Posted by WWW Notes gateway]
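
The address plan from .3 worked through in code, as an added example that is not part of the thread. It uses 172.16.0.0/16 as a constructed stand-in for the elided x.y prefix and a hypothetical firewall address on the blue side, and it also shows the forwarding decision of a blue host that keeps its 255.255.0.0 mask, the case question 1 in .0 asks about.

```python
import ipaddress

# Constructed stand-in for the thread's elided "x.y" prefix (assumption).
CLASS_B = ipaddress.ip_network("172.16.0.0/16")
# Hypothetical blue-side address of the firewall (assumption, not from the thread).
FIREWALL_BLUE = "172.16.64.1"


def plan(class_b):
    """Return (all subnets under mask 255.255.192.0, blue subnet, red subnet)."""
    quarters = list(class_b.subnets(prefixlen_diff=2))  # 2 extra mask bits
    blue = quarters[1]                                   # x.y.64.0
    # Red net: the last /24 inside x.y.128.0 mask 255.255.192.0, i.e. x.y.191.0.
    red = list(quarters[2].subnets(new_prefix=24))[-1]
    return quarters, blue, red


def host_range(net):
    """First usable host, last usable host, and usable host count of a subnet."""
    return (net.network_address + 1,
            net.broadcast_address - 1,
            net.num_addresses - 2)


def next_hop(src_ip, src_mask, dst_ip, gateway):
    """'direct' if the sender considers dst on-link (it will ARP for it on its
    own wire), otherwise the gateway it hands the packet to."""
    iface = ipaddress.ip_interface(f"{src_ip}/{src_mask}")
    return "direct" if ipaddress.ip_address(dst_ip) in iface.network else gateway


if __name__ == "__main__":
    quarters, blue, red = plan(CLASS_B)
    print("subnets with mask", quarters[0].netmask, ":", [str(q) for q in quarters])
    for name, net in (("blue", blue), ("red", red)):
        first, last, count = host_range(net)
        print(f"{name}: {net} hosts {first} - {last} ({count})")

    red_server = str(red.network_address + 5)   # constructed red host
    blue_host = "172.16.70.10"                  # constructed blue host
    for mask in ("255.255.0.0", "255.255.192.0"):
        print(f"blue host with mask {mask} -> {red_server}:",
              next_hop(blue_host, mask, red_server, FIREWALL_BLUE))
```

With the unchanged 255.255.0.0 mask the blue host treats the red address as on-link and never hands the packet to the firewall; with 255.255.192.0 it forwards to its gateway.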