Subnetting problem

By cpfeiffe
I have a Unix system that is routing. It is a firewall. I am responsible for the OS. It has the following subnets/routes:
10.10.0.0/19 > nextrouter
10.10.32.0/20 > nextrouter
10.10.48.0/21 > nextrouter
10.10.56.0/21 > interface (NIC)
10.10.64.0/19 > nextrouter
10.10.96.0/19 > nextrouter
This works fine. My question is why can't I do a 10.10.64.0/18 instead of using the two networks at the end of the list? I tried it with the /18 and it didn't work. Our networking manager quickly pointed out that I need two /19 masks because I have to be as specific or more specific than the 10.10.0.0 subnet. I can't find any documentation to support this and he wasn't really able to explain it clearly. Can anyone explain this better or point to a doc that does explain this and the other non-basic subnetting rules?

On another system I tried
10.100.0.0/18 > nextrouter
10.100.64.0/19 > nextrouter
10.100.96.0/20 > nextrouter
10.100.112.0/22 > nextrouter
10.100.116.0/24 > nextrouter
10.100.117.0/24 > interface
10.100.118.0/23 > nextrouter
This didn't work and I had to make the 10.100.118/23 network into two /24 networks (118 and 119). Again, I wasn't able to get a good explanation.

I have to believe the guy knows what he's talking about because my method didn't work and his did. He spotted the fixes right away. To make things worse, none of the network engineers (whom he manages) believe him either. I'd like to understand for myself and also find some written support.

by darts32 In reply to Subnetting problem

Here are some sites on supernetting:

http://tinyurl.com/8qix

http://tinyurl.com/8qjh

Also you can try some IP calculators

http://tinyurl.com/8qjs

by cpfeiffe In reply to Subnetting problem

Thanks. None of the sites validated what the NW manager was saying or found fault with what I was doing, but I've looked at over a hundred online docs and can't find the answer anywhere. I'm starting to believe something else is wrong (i.e. config at the next router) that I don't know about.

by mshavrov In reply to Subnetting problem

First of all, if the "nextrouter" you use in your example is ONE device, why don't you just use a very simple routing table, something like:

10.0.0.0/8 --> NextRouter
10.10.56.0/21 --> Interface1
10.100.117.0/24 --> Interface2

It will work fine, believe me, because it's the nature of routing: a more specific route ALWAYS takes precedence over a less specific one. In this example, you have a "default route" (it means, "if I don't know where it is"), pointing to your "core router", to the "firewall", etc. (somewhere "outside"). Then you have a route to 10.0.0.0/8 through "NextRouter". And you also have a route to 10.10.56.0/21 through Interface1. If you have a packet for 10.10.56.10, your computer will look first for the most specific route and will find "10.10.56.0/21". Since it has found a route, it will stop looking. But if you send a packet to 10.15.0.1, the closest match is "10.0.0.0/8", so the packet will be routed to "NextRouter". And if you send a packet to 194.1.2.3, your computer does not have a route for this network, and so it will send it to "Outside" (the default gateway).

But if you have separate routers for all stated networks, it's completely another story. So, now let's look to your networks and subnet masks:

10.10.0.0/19 = 10.10.0.1 to 10.10.31.254
10.10.32.0/20 = 10.10.32.1 to 10.10.47.254
10.10.48.0/21 = 10.10.48.1 to 10.10.55.254
10.10.56.0/21 = 10.10.56.1 to 10.10.63.254
10.10.64.0/19 = 10.10.64.1 to 10.10.95.254
10.10.96.0/19 = 10.10.96.1 to 10.10.127.254

So, you can see that all routes go consecutively, without gaps. So, if you change the route to 10.10.64.0/18, it will span 10.10.64.1 to 10.10.127.254, so you will overlap with the 10.10.96.0/19 network. It's not a problem if you have one router leading to both networks. And if you change the "network layout", you should change ALL networks accordingly, since you didn't leave "gaps" between networks.
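The longest-prefix-match rule described in the reply above, as an added example that is not part of the original thread: it loads the first route table from the question, compares it with the /18 variant, and reports any /24 block that would be forwarded differently. It models only textbook longest-prefix match; the helper names are made up for this illustration, and nothing here reflects how the poster's Unix system or the next router was actually configured.

```python
import ipaddress

# Routes copied from the first table in the question; hop labels are the poster's.
ROUTES_19 = [
    ("10.10.0.0/19", "nextrouter"),
    ("10.10.32.0/20", "nextrouter"),
    ("10.10.48.0/21", "nextrouter"),
    ("10.10.56.0/21", "interface"),
    ("10.10.64.0/19", "nextrouter"),
    ("10.10.96.0/19", "nextrouter"),
]
# Same table with the last two /19 entries replaced by the single /18 the poster tried.
ROUTES_18 = ROUTES_19[:4] + [("10.10.64.0/18", "nextrouter")]


def build(routes):
    """Parse prefixes strictly: ip_network() raises ValueError if host bits are set."""
    return [(ipaddress.ip_network(p), hop) for p, hop in routes]


def lookup(table, addr):
    """Longest-prefix match: of all routes containing addr, pick the longest mask."""
    ip = ipaddress.ip_address(addr)
    matches = [(net, hop) for net, hop in table if ip in net]
    if not matches:
        return None  # no matching route in this table (no default route is modelled)
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def covered(table):
    """Collapse a table's prefixes into the minimal set of CIDR blocks they cover."""
    return list(ipaddress.collapse_addresses(net for net, _ in table))


def differing_24s(table_a, table_b, supernet="10.10.0.0/16"):
    """Return /24 blocks whose next hop differs between the two tables.
    Every prefix in both tables is /24 or shorter, so one probe per /24 is exhaustive."""
    diffs = []
    for block in ipaddress.ip_network(supernet).subnets(new_prefix=24):
        probe = block.network_address + 1
        if lookup(table_a, probe) != lookup(table_b, probe):
            diffs.append(block)
    return diffs


if __name__ == "__main__":
    a, b = build(ROUTES_19), build(ROUTES_18)
    print("coverage:", covered(a), "vs", covered(b))
    print("blocks forwarded differently:", differing_24s(a, b))
```

Both tables collapse to the same address range and no block changes next hop, so a failure with the /18 has to come from something outside this lookup rule.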

by mshavrov In reply to Subnetting problem

And an additional 2 cents: if you are not familiar with subnets, just use a "Subnets Calculator". I always use one, which can be found at "www.boson.com" (free download). Very helpful thing.

If you have more questions or suggestions, send me e-mail. Good luck,

Michael Shavrov
CCNA, CCDA, MCSE W2K, MCSE+I, Sun CSA, CCSA

by cpfeiffe In reply to Subnetting problem

Thanks. See comments to answer 1.

by cpfeiffe In reply to Subnetting problem

This question was closed by the author
