1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Reply to: IP Subnetting Question

Collapse

You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:

  • You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
  • You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
  • If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

Previously on "IP Subnetting Question"

Collapse
  • craig1
    replied
    Originally posted by yasockie View Post
    A couple of comments:

    What's the up speed on the ADSL - A stands for Asynchronous for a good reason - the up speed even on business lines are 1-2 mbit at best, so 18mbit is a huge step up plus I assume fiber is more reliable than noisy copper lines.

    Second this is you're really stingy with the IP address allocation - they are you private IPs so why not assign at least one whole class C subnet such as 192.168.1.x to one network and 192,168.2.x to the other - in this case the 255.255.255.0 mask is fine and easier to remember. By splitting a single subnet you only get 125 or so usable addresses which might seem like a lot, until you start doing a lot of automated testing with lots of VMs.
    Also consider having some local hostnames/DNS or AD set up - and refer to your devices using that.
    My ADSL up is 1mbps which is probably more than I need in 95%+ of situations and the other 5% aren't important enough for me to care. As long as I can VPN in and get a robust RDP session out then I'm happy (edit: as the most latency and bandwidth sensitive thing)

    I prefer single subnets as then it's a simple matter of splitting the last octet around. I doubt I'll ever need more than 50 addresses, even with the multiple VMs I use; I have my DHCP lease expiry set at 1 week so I'd need to be going something to go through the 40 addresses in the range.
    Last edited by craig1; 25 April 2012, 10:37.

    Leave a comment:

  • garethevans1986
    replied
    I use Free Network Monitoring Software | Spiceworks Free Network Management Software for network monitoring....very interesting piece of free kit too.

    GE

    Leave a comment:

  • yasockie
    replied
    A couple of comments:

    What's the up speed on the ADSL - A stands for Asynchronous for a good reason - the up speed even on business lines are 1-2 mbit at best, so 18mbit is a huge step up plus I assume fiber is more reliable than noisy copper lines.

    Second this is you're really stingy with the IP address allocation - they are you private IPs so why not assign at least one whole class C subnet such as 192.168.1.x to one network and 192,168.2.x to the other - in this case the 255.255.255.0 mask is fine and easier to remember. By splitting a single subnet you only get 125 or so usable addresses which might seem like a lot, until you start doing a lot of automated testing with lots of VMs.
    Also consider having some local hostnames/DNS or AD set up - and refer to your devices using that.

    Leave a comment:

  • Sysman
    replied
    Originally posted by craig1 View Post
    Yep, good advice. I keep a running spreadsheet done properly. It makes it easier with the marked out dhcp range for the VMs I throw out and trash as needed.
    And now you mention it, some of my VMs have more than one IP address. My spreadsheet needs a bit more work

    Leave a comment:

  • craig1
    replied
    Originally posted by Sysman View Post
    Make sure you document this lot. I've just counted mine and I've got 14 devices requiring IP addresses, and that doesn't include old stuff in cupboards that could yet be pressed into action if I get a legacy project to work on,

    I've put all my IP adresses into a spreadsheet with details of what system does what etc.

    And printed it out. Murphy's Law says I'll need it when some part of the network is down.
    Yep, good advice. I keep a running spreadsheet done properly. It makes it easier with the marked out dhcp range for the VMs I throw out and trash as needed.

    Leave a comment:

  • Sysman
    replied
    Originally posted by craig1 View Post
    The scary thing is that in my home I have now discovered 17 items that require an IP address, 10 I've given static addresses with varying configs, the others are on a DHCP range in my upper subnet. All works fine with the config noted above and had no issues so far apart from one machine getting very huffy when I mistyped a number in the third octet then couldn't guess what my mistype was.

    House now successfully configured with cat 6 cabling, gigabit switches/hubs, n-spec wifi (with a secondary g-spec for any guests with older kit), femtocell for my mobile phone, etc.
    Make sure you document this lot. I've just counted mine and I've got 14 devices requiring IP addresses, and that doesn't include old stuff in cupboards that could yet be pressed into action if I get a legacy project to work on,

    I've put all my IP adresses into a spreadsheet with details of what system does what etc.

    And printed it out. Murphy's Law says I'll need it when some part of the network is down.

    Leave a comment:

  • craig1
    replied
    Thanks for all the feedback!

    The scary thing is that in my home I have now discovered 17 items that require an IP address, 10 I've given static addresses with varying configs, the others are on a DHCP range in my upper subnet. All works fine with the config noted above and had no issues so far apart from one machine getting very huffy when I mistyped a number in the third octet then couldn't guess what my mistype was.

    House now successfully configured with cat 6 cabling, gigabit switches/hubs, n-spec wifi (with a secondary g-spec for any guests with older kit), femtocell for my mobile phone, etc. And all without the wife finally snapping and wanting to kill me.

    Not bad really for a non-techie PM

    Leave a comment:

  • VectraMan
    replied
    I think that's quite clever.Totally abusing the system, but still clever.

    Leave a comment:

  • v8gaz
    replied
    Assigning gateways is the correct thing to do, in ordeer to force individual machines to use a particular router - however this will not prevent the machines communicasting with each other on the internal LAN.

    You appear to be misconfiguring the subnet mask - I'm surprised the machines with a mask of 0 actually work! The mask defines the range of addresses that the machine will see without requiring a router. With the mask of .128 then you are right, the machines should only see the internal network between adresses .128 and .254, which includes the default gateway router. The other machines should also have a mask of .128, but as they have addressesd in the lower half of the class C that your network runs on, then they will only see from .1 to .127, which again includes their preferred default gateway.

    In order to allow some connectivity between machines, then in theory tyou would need to have some routing in place to allow comms between the upper and lower half of your private class C network.

    Leave a comment:

  • craig1
    replied
    Thanks.

    Got the thing running and have decided on a different approach that has worked. Routers stay the same, BT one is .128, business ADSL one is .1.

    Machines I want running on the business line are in the .1 to .127 range with a gateway address of the .1 router and a subnet mask of .0
    Personal machines I want accessing all machines (e.g. my storage/backup box) are in the .128 to .255 range, a gateway address of the .128 router and a subnet mask of .0
    Personal machines I don't want to have access to the business machines (e.g. my torrent downloader) are in the .128 to .255 range, a gateway address of the .128 router and a subnet mask of .128

    Seems to work just fine with some rigorous testing. I know that it won't stop anything malicious, I just want a logical separation to stop me doing something daft accidentally and to have at least a thin level of separation.

    Leave a comment:

  • garethevans1986
    replied
    I don't think that will keep the two groups of computers separate as they will still be on the same physical network, regardless of IP Address scheme.

    You will need to split the network and use a router/firewall like pfSense on a separate machine which you can then configure to allow one way access between the network subnets.

    So ADSL network uses 192.168.0.0/24 and Business Network uses 10.0.0.0/8 (or you could use the scheme you specified above), then configure the PfSense box to allow 10.0.0.0 => 192.168.0.0 but block 192.168.0.0 => 10.0.0.0 (swap as required).

    GE

    Leave a comment:

  • jsnetman
    replied
    You would need some form of router between the two subnets for this to work. Alternatively you could set the default IP address of one router to 1 and the other to 2 and have all the machines on the one subnet. You would have to disable DHCP on both routers and input static IP information, having half your machines pointing to 1 as the gateway address and the other half to 2. Maybe easier just to buy a cheap router.

    You might be able to setup routing between the two adsl routers, have a look in the adsl router setups for for anything to allow this.
    Last edited by jsnetman; 23 April 2012, 12:45.

    Leave a comment:

  • craig1
    started a topic IP Subnetting Question

    IP Subnetting Question

    Getting my BT Infinity fibre broadband installed today (55mbps down, 18mbps up) and I'm also keeping my other broadband (separate phone line, standard 8mbps ADSL) as it has static IP addresses for running some stuff I have. Servers nice and stable on the old fixed IP addresses and really can't be bothered with moving them.

    What I need help with is someone to confirm that my proposed design for providing interconnectivity between machines at home will work! I want the business machines to be able to see and get data from the personal machines but not the other way around, forcing the personal machines to use the BT Infinity router.

    I plan to use 192.168.20.x range split as follows:

    Business machines on 192.168.20.1 to .127 range with a subnet mask of 255.255.255.0. Business ADSL router on 192.168.20.1, all machines in this range using that as a gateway.
    Personal machines on 192.168.20.128 to .255 range with a subnet mask of 255.255.255.128. BT Infinity router on 192.168.20.128, all machines in this range using that as a gateway.

    Will that work or will there be connectivity issues between the machines? If there will be issues, any suggestions for fixing them? If I have to, I don't really mind turning the second subnet mask to .0 but I'd rather some logical separation.
    Last edited by craig1; 23 April 2012, 09:40.
    Tags: None

Advertisers

  1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
Working...
X