If this baffles you, see Networking 101 and Routing.
After that, read Subnets and CIDR.
Newsgroups: comp.unix.sco.misc
From: bill@wjv.com.REMOVEME (Bill Vermillion)
Subject: Re: Network Design questions
Message-ID: <FypyqB.9C3@wjv.com.REMOVEME>
Date: Thu, 3 Aug 2000 13:56:35 GMT

In article <8ma73r$3h0$1@slb6.atl.mindspring.net>, David H. Funte <none> wrote:

>I have two Openserver 5.04 servers in two different cities.
>They are connected via PPP over a low bandwidth 38k connection. My
>goal is to keep traffic between cities at a minimum - while allowing
>full access to each server, and all print servers on the network.
>I am planning to do the following..
>(1) Connect both servers with subnet mask of 255.255.0.0
>
>    Server #1 IP is 192.168.1.1 - GATEWAY
>    Server #2 IP is 192.168.2.1 - GATEWAY

With a 192.168.1.1 and 2.1 you only need a 255.255.252.0. If you had chosen 192.168.0.1 and 192.168.1.1 you could have used 255.255.254.0. The former supernets four 256 address blocks while the latter only two.

.........

>-------------------------------------------------------
>I've tested this, and it seems to work. However I have these
>questions.
>
>The servers are part of the 255.255.0.0 subnet mask, and the PC's
>in each town are part of the 255.255.255.0 subnet mask which form
>the local network. Since each server is the Windows gateway, any
>requests for the other cities addresses are routed through the
>local gateway to the other city - since the two servers are part
>of the same netmask. However any traffic that is part of the local
>network stays local.
>Question #1: Is there anything *BAD* about mixing netmasks.

You don't 'mix' subnets. You use them to split or combine groups of addresses into more manageable or routeable hunks.

>Question #2: does this setup actually accomplish my goal of minimizing
>traffic over the 38k PPP connection?

Not really. But you mention internet connection below - and didn't mention here - which router has the internet connection. That makes a difference in how the routing tables should be set up.

>---------------------
>Question #3: Each city has its own internet router. The address of
>each router is 192.168.1.201 in City #1, and 192.168.2.201 in City
>#2.
>    I've noticed that I can list the UNIX server as the only
>gateway on both LANs if I add the following to the UNIX routing
>table.
>    City #1 UNIX routing table: route add 0.0.0.0 192.168.1.201
>    City #2 UNIX routing table: route add 0.0.0.0 192.168.2.201

You only use the 0.0.0.0 for what is sometimes called the gateway of last resort. I'm assuming only one router is connected to the internet and the other goes through the first. If so only the non-connected can have 0.0.0.0 routed to the connected one, but make sure the connected one has a route to the non-connected one and with a netmask of 255.255.255.0. That will make sure that data only goes to where it is needed and will cut down on your traffic - which was your stated design goal.

>    this seems to cause any "foreign" ip addresses to filter
>through to the internet gateway. The tracert command seems to prove
>this true.

I'd suggest reading up a bit on IP routing. The 0.0.0.0 is used only when previous routing statements don't match. It is the 'use this because I don't know where to go for this' and it sends it out to the next router upstream.

>Is there anything wrong with creating a route to the 0.0.0.0
>network? It looks weird to me, but it seems to work.

No - it is needed if you have outside connectivity. If you only connect to each city you can dispense with that and make specific routes so that if someone types an IP number outside the range you would get a 'network unreachable' or similar message.

--
Bill Vermillion bv @ wjv.com
From - Fri Aug 4 06:00:51 2000
Newsgroups: comp.unix.sco.misc
From: bill@wjv.com.REMOVEME (Bill Vermillion)
Subject: Re: Network Design questions
Message-ID: <Fyr3Ky.4Mu@wjv.com.REMOVEME>
Date: Fri, 4 Aug 2000 04:38:58 GMT

In article <8mcmml$sfd$1@slb6.atl.mindspring.net>, David H. Funte <none> wrote:

>
>Bill Vermillion <bill@wjv.com.REMOVEME> wrote in message
>news:FypyqB.9C3@wjv.com.REMOVEME...
>> In article <8ma73r$3h0$1@slb6.atl.mindspring.net>, David H. Funte <none>
>wrote:
>> >(1) Connect both servers with subnet mask of 255.255.0.0
>> >    Server #1 IP is 192.168.1.1 - GATEWAY
>> >    Server #2 IP is 192.168.2.1 - GATEWAY
>> With a 192.168.1.1 and 2.1 you only need a 255.255.252.0. If you
>> had chosen 192.168.0.1 and 192.168.1.1 you could have used 255.255.254.0
>> The former supernets four 256 address blocks while the latter only
>> two.
>Your answer cleared up the subnet mask for me. Thank you VERY much!!!
>I never did understand anything other than 255 or 0 until your example
>above. It makes perfect sense in binary.
>Cool

That's the basic trick to understanding addressing - at least it was for me - just think in binary and it starts to make sense.

>> You don't 'mix' subnets. You use them to split or combine groups
>> of addresses into more manageable or routeable hunks.
>Potato vs Potatoe... In other words, A network is broken down into
>groups that are defined by subnets, right?

Subnets or supernets. Netmasks are used to be able to handle groups of IP numbers as a single unit. The term supernet is typically used when the 3rd octet is less than 255, thus combining one or more blocks of what used to be called Class C addresses into one unit.

>> >Question #2: does this setup actually accomplish my goal of
>> >minimizing traffic over the 38k PPP connection?
>> Not really. But you mention internet connection below - and didn't
>> mention here - which router has the internet connection. That makes
>> a difference in how the routing tables should be set up.
>There is one router in each city to the internet (outbound only
>in both cities) and one Dedicated phone line connecting the two
>systems through modems. It is the dedicated modem connection that I
>wish to protect from high unnecessary use because it is only 38k.

To do this you should really need just two entries in the route table on each router. Route the 192.168.1.1 with a 255.255.255.0 netmask through the 192.168.2.201 port, and do the reverse on the other end. Then route 0.0.0.0 through the other exit port from the router.

>BTW: a tracert ran from a windows system shows that the other city
>is only being hit when a request is made for that address. In other
>words...
>tracert from PC 192.168.1.25 for server 192.168.2.1
>    first goes to 192.168.1.1
>    then jumps to 192.168.2.1
>tracert from PC 192.168.1.25 to 192.168.1.1 jump directly to that
>address.
>Question: Can't I assume that the 38k PPP path is not being used
>since it doesn't show up in the traceroute?

Yes.

>Each city has their own internet router that is separate from the
>PPP link.
>Regarding the 0.0.0.0 route, how else could I route all external
>network requests to the internet router?

The 0.0.0.0 is typically used as the gateway of last resort after all the other routes are examined. If you have only one exit out of the router then 0.0.0.0 is perfectly fine. The fun starts when you get multiple serial links in/out, multiple ethernets, and some route going out through such things as terminal servers.

>a traceroute shows that the desired path IS being followed.
>tracert from PC 192.168.1.25 to yahoo.com first jumps to the
>192.168.1.1 Server, and then passes through the Internet router at
>192.168.1.201 into the internet.
>Again, I'm assuming that a traceroute shows all that's happening.

If traceroute shows the proper path then you are okay.

>> I'd suggest reading up a bit on IP routing. The 0.0.0.0 is used
>> only when previous routing statements don't match. It is the 'use
>> this because I don't know where to go for this' and it sends it
>> out to the next router upstream.
>That's exactly what I want - send it upstream.

I interpreted your message to indicate that you had two routers linked by a dial-up plus another connection to the internet.

>Perhaps my use of the word "router" is incorrect. My internet
>"router" allows multiple users to share one $20/mo Internet dialup
>account. It is designed to be defined as the gateway for the PC's.

Those can be less than fun. Sometimes they don't do what is expected.

>So, I guess you could say that routing 0.0.0.0 through my "internet
>router" is really causing a gateway (the UNIX server) to pass
>foreign requests through my internet gateway.
>I agree with your suggestion that I read up on IP routing.
>Perhaps there is an "IP routing for dummies" book?

I personally distrust anything that says 'for dummies'. Get the basic TCP/IP under control - try the O'Reilly book for example - then work up from there to books on routing if you need to.

Bill

--
Bill Vermillion bv @ wjv.com
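
Added example, not part of the original posts: it works the two points from the replies above in code, deriving the supernet mask from the shared leading bits of the server addresses, and resolving destinations by longest-prefix match so that 0.0.0.0 acts only as the gateway of last resort. The route tables are constructed for the City #1 server from the thread's addresses, and the function names and "via" labels are assumptions, not SCO route syntax.

```python
import ipaddress

def covering_network(*hosts):
    """Smallest single block containing every host: keep only the leading
    bits all addresses share (the 'think in binary' step)."""
    addrs = [int(ipaddress.IPv4Address(h)) for h in hosts]
    diff = 0
    for a in addrs[1:]:
        diff |= addrs[0] ^ a               # bits where any address differs
    prefix = 32 - diff.bit_length()        # count of shared leading bits
    return ipaddress.IPv4Network((addrs[0], prefix), strict=False)

def lookup(table, dest):
    """Longest-prefix match. 0.0.0.0/0 matches everything with prefix
    length 0, so it only wins when no more specific route matches."""
    ip = ipaddress.IPv4Address(dest)
    hits = [(ipaddress.IPv4Network(net), via) for net, via in table
            if ip in ipaddress.IPv4Network(net)]
    if not hits:
        return "network unreachable"
    return max(hits, key=lambda h: h[0].prefixlen)[1]

# Constructed tables for the City #1 server, using the thread's addresses.
# The "via" labels are descriptive placeholders, not SCO route syntax.
CITY1 = [
    ("192.168.1.0/24", "local LAN"),            # netmask 255.255.255.0
    ("192.168.2.0/24", "PPP link to City #2"),  # netmask 255.255.255.0
    ("0.0.0.0/0", "192.168.1.201"),             # gateway of last resort
]
CITY1_NO_DEFAULT = CITY1[:2]                    # inter-city routes only

if __name__ == "__main__":
    for pair in (("192.168.1.1", "192.168.2.1"), ("192.168.0.1", "192.168.1.1")):
        net = covering_network(*pair)
        print(pair, "->", net, "mask", net.netmask)
    # 203.0.113.10 is a documentation address standing in for an outside host.
    for dest in ("192.168.1.25", "192.168.2.1", "203.0.113.10"):
        print(dest, "->", lookup(CITY1, dest), "|", lookup(CITY1_NO_DEFAULT, dest))
```

With the default route removed, any destination outside the two /24 blocks resolves to "network unreachable", which is the behaviour the first reply describes for a setup with specific routes only.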