I have a Unix system that is routing. It is a firewall. I am responsible for the OS. It has the following subnets/routes
10.10.0.0/19 > nextrouter
10.10.32.0/20 > nextrouter
10.10.48.0/21 > nextrouter
10.10.56.0/21 > interface (NIC)
10.10.64.0/19 > nextrouter
10.10.96.0/19 > nextrouter
This works fine. My question is why can’t I do a 10.10.64.0/18 instead of using the two networks at the end of the list. I tried it with the /18 and it didn’t work. Our networking manager quickly pointed out that I need two /19 masks because I have to be as specific or more specific than the 10.10.0.0 subnet. I can’t find any documentation to support this and he wasn’t really able to explain it clearly. Can anyone explain this better or point to a doc that does explain this and the other non-basic subnetting rules.
On another system I tried
10.100.0.0/18 > nextrouter
10.100.64.0/19 > nextrouter
10.100.96.0/20 > nextrouter
10.100.112.0/22 > nextrouter
10.100.116.0/24 > nextrouter
10.100.117.0/24 > interface
10.100.118.0/23 > nextrouter
This didn’t work and I had to make the 10.100.118/23 network to /24 networks (118 and 119). Again, I wasn’t able to get a good explanation.
I have to believe the guy knows what he’s talking about because my method didn’t work and his did. He spotted the fixes right away. To make things worse none of the network engineers (which he manages) believe him either. I’d like to understand for myself and also find some written support.
