LAN IP addresses - Networking

This is a discussion on LAN IP addresses - Networking ; Hi, I am not a specialist on network, but I have a network on 192.168.0.0 / 255.255.255.0 I fear not to have enough IP addresses. I know, that the solution would be to get another router and to get a ...

+ Reply to Thread
Results 1 to 15 of 15

Thread: LAN IP addresses

  1. LAN IP addresses

    Hi,

    I am not a specialist on network, but I have a network on
    192.168.0.0 / 255.255.255.0

    I fear not to have enough IP addresses. I know, that the solution would
    be to get another router and to get a second sub-network.

    I just wonder if I change my LAN ( 192.168.0.x/255.255.255.0 ) to
    192.168.x.x / 255.255.0.0
    - Would it be possible to do that ?
    - Would it get me all IP addresses like : 192.168.0.2 and 192.168.3.4
    accessible on the same network ?
    ( ... that could solve my problem and five me more IP addresses ..... )

    Thanks for your help

  2. Re: LAN IP addresses

    Am Fri, 05 Sep 2008 10:33:53 +0100 schrieb Steve:


    > I just wonder if I change my LAN ( 192.168.0.x/255.255.255.0 ) to
    > 192.168.x.x / 255.255.0.0
    > - Would it be possible to do that ?

    Sure why not.
    But better you route between 2 /24 networks, otherwise you get the whole
    /16 broadcasts to ever machine.

    > - Would it get me all IP addresses like : 192.168.0.2 and 192.168.3.4
    > accessible on the same network ?


    Yes, but it's better to route that.

    > ( ... that could solve my problem and five me more IP addresses ..... )
    >
    > Thanks for your help


    My suggestions for you is, that you set up you networks as /24 and set the
    route via the right interface, so you still take control between the
    subnets and you don't have so much sensless traffic like broadcasts from
    windows hosts.

    cheers

  3. Re: LAN IP addresses

    Burkhard Ott wrote:
    > Am Fri, 05 Sep 2008 10:33:53 +0100 schrieb Steve:
    >
    >
    >> I just wonder if I change my LAN ( 192.168.0.x/255.255.255.0 ) to
    >> 192.168.x.x / 255.255.0.0
    >> - Would it be possible to do that ?

    > Sure why not.
    > But better you route between 2 /24 networks, otherwise you get the whole
    > /16 broadcasts to ever machine.
    >
    >> - Would it get me all IP addresses like : 192.168.0.2 and 192.168.3.4
    >> accessible on the same network ?

    >
    > Yes, but it's better to route that.
    >
    >> ( ... that could solve my problem and five me more IP addresses ..... )
    >>
    >> Thanks for your help

    >
    > My suggestions for you is, that you set up you networks as /24 and set the
    > route via the right interface, so you still take control between the
    > subnets and you don't have so much sensless traffic like broadcasts from
    > windows hosts.
    >
    > cheers



    Hi,

    thanks for your reply.

    When you say " routing between 2* /24 network" do you mean using a NAT
    ? ( If not.. what do you mean AND How to do that ?? )
    .. that will decrease useless Broadcast !?

    Cheers,


  4. Re: LAN IP addresses

    Am Fri, 05 Sep 2008 11:13:51 +0100 schrieb Steve:
    > Hi,
    >
    > thanks for your reply.
    >
    > When you say " routing between 2* /24 network" do you mean using a NAT
    > ? ( If not.. what do you mean AND How to do that ?? )



    Let's assume you have a router with 3 seperate interfaces.

    if0 has 192.168.0.0/24
    if1 has 192.168.1.0/24
    if2 has 192.168.2.0/24

    If you want traffic from 192.168.0.0/24 to 192.168.2.0/24 your packet
    arrives if0, here you can have filter policies ot whatever and the packets
    leve the machine on if2, thats ist.

    > .. that will decrease useless Broadcast !?


    If you have an broadcast message on if0 and the ip 1-254 get those
    packets, nobody from if1 or if2.
    On every interface you can filter,nat,snat or wheterever you want.


    cheers

  5. Re: LAN IP addresses

    Burkhard Ott wrote:
    > Am Fri, 05 Sep 2008 11:13:51 +0100 schrieb Steve:
    >> Hi,
    >>
    >> thanks for your reply.
    >>
    >> When you say " routing between 2* /24 network" do you mean using a NAT
    >> ? ( If not.. what do you mean AND How to do that ?? )

    >
    >
    > Let's assume you have a router with 3 seperate interfaces.
    >
    > if0 has 192.168.0.0/24
    > if1 has 192.168.1.0/24
    > if2 has 192.168.2.0/24
    >
    > If you want traffic from 192.168.0.0/24 to 192.168.2.0/24 your packet
    > arrives if0, here you can have filter policies ot whatever and the packets
    > leve the machine on if2, thats ist.
    >
    >> .. that will decrease useless Broadcast !?

    >
    > If you have an broadcast message on if0 and the ip 1-254 get those
    > packets, nobody from if1 or if2.
    > On every interface you can filter,nat,snat or wheterever you want.
    >
    >
    > cheers



    Thank you

  6. Re: LAN IP addresses

    On Fri, 05 Sep 2008, in the Usenet newsgroup comp.os.linux.networking, in
    article , Steve wrote:

    >I am not a specialist on network, but I have a network on
    >192.168.0.0 / 255.255.255.0
    >
    >I fear not to have enough IP addresses. I know, that the solution
    >would be to get another router and to get a second sub-network.


    As Burkhard Ott suggests, the router and additional /24s would be a
    good solution.

    >I just wonder if I change my LAN ( 192.168.0.x/255.255.255.0 ) to
    >192.168.x.x / 255.255.0.0
    >- Would it be possible to do that ?


    Trivial, but maybe not the best solution.

    >- Would it get me all IP addresses like : 192.168.0.2 and 192.168.3.4
    >accessible on the same network ?


    But do you _need_ all of those addresses? Or would another 256
    addresses without buying new hardware be enough?

    >( ... that could solve my problem and five me more IP addresses ..... )


    Network Netmask start end hosts
    192.168.0.0 / 255.255.255.0 = 192.168.0.1 - 192.168.0.254 254
    192.168.0.0 / 255.255.254.0 = 192.168.0.1 - 192.168.1.254 510
    192.168.0.0 / 255.255.252.0 = 192.168.0.1 - 192.168.3.254 1022
    192.168.0.0 / 255.255.248.0 = 192.168.0.1 - 192.168.7.254 2046

    Contrary to what everyone thinks, you don't HAVE to have a mask
    of ONLY 255.0.0.0 or 255.255.0.0 or 255.255.255.0. Changing the
    network mask to (example) 255.255.254.0 on _EVERY_ system makes a
    network twice as big - meaning that 192.168.0.1 through 192.168.1.254
    are all on the same network.

    Advantage: No new hardware (other than the cables and hub/switches
    needed to connect the "new" computers to the LAN).

    Disadvantage: Twice the traffic is _possible_ on the LAN, and if
    everyone decides to talk at the same time... you've been to a party
    before, haven't you? This is why on simple networks, a mask of
    255.255.248.0 or wider is usually a bad idea, and 255.255.252.0 with
    a thousand hosts may be to much.

    Buying a router and connecting two LANs (192.168.0.0 / 255.255.255.0
    and 192.168.3.0 / 255.255.255.0 for example) reduces the disadvantage
    UNLESS you have a lot of systems on LAN 1 that want to talk to LAN 2
    (traffic is a little heavy on the M3 today, why is everyone going to
    Southampton/London now).

    Note that having a wider than needed network mask does not BY ITSELF
    create more traffic/noise. It makes no difference if you have 275
    computers on 192.168.0.0 / 255.255.254.0 or 10.0.0.0 / 255.0.0.0 -
    it's still 275 computers.

    Old guy

  7. Re: LAN IP addresses

    Steve wrote:

    > Hi,
    >
    > I am not a specialist on network, but I have a network on
    > 192.168.0.0 / 255.255.255.0
    >
    > I fear not to have enough IP addresses. I know, that the solution would
    > be to get another router and to get a second sub-network.
    >
    > I just wonder if I change my LAN ( 192.168.0.x/255.255.255.0 ) to
    > 192.168.x.x / 255.255.0.0
    > - Would it be possible to do that ?
    > - Would it get me all IP addresses like : 192.168.0.2 and 192.168.3.4
    > accessible on the same network ?
    > ( ... that could solve my problem and five me more IP addresses ..... )
    >
    > Thanks for your help


    This is just a side note.

    As Burkhard Ott recommends you should be routing traffic between smaller
    subnets, except you have many machines wanting to talk to few ones.

    IANA (http://www.iana.org) says there are 256 subnets with a maximum of
    256-2 (one network base and one broadcast address) addresses each in the
    192.168.x.y address space. Bigger subnets should use 172.16-31.x.y which
    allows 16 subnets with a maximum of (256^2)-2 = 65534 addresses each. Or,
    if even larger subnets are required, use 10.x.y.z which allows one huge
    subnet of (256^3)-2 = 16777214 addresses.
    This is a relict of the old times when there were no netmasks, but it is
    still valid...

    So if you intend to widen up your netmask you should also use appropriate
    address space.

    Felix

  8. Re: LAN IP addresses

    Felix Tiede wrote:
    > IANA (http://www.iana.org) says there are 256 subnets with a maximum of
    > 256-2 (one network base and one broadcast address) addresses each in the
    > 192.168.x.y address space. Bigger subnets should use 172.16-31.x.y which
    > allows 16 subnets with a maximum of (256^2)-2 = 65534 addresses each. Or,
    > if even larger subnets are required, use 10.x.y.z which allows one huge
    > subnet of (256^3)-2 = 16777214 addresses.
    > This is a relict of the old times when there were no netmasks, but it is
    > still valid...


    No, its not valid anymore. The whole purpose of netmasks is to replace
    the old class A, class B and class C concept.

    >
    > So if you intend to widen up your netmask you should also use appropriate
    > address space.


    Normally there shouldn't be any need to do so. You _do_ have an 64K
    space available in the 192.168.x.y range.

    That having said, we _did_ have some issues when we moved from a /24 to
    a /23 netmask at work years ago. That must have been in 2001 IIRC.
    We changed our netmask to join two adjacent formerly class C address
    blocks -located in a public address range- into a single broadcast
    domain. Some of our equipment didn't support that; most notably:
    -- some -already old at that time- Tektronix X-terminals
    -- a few -recent at that time- Dell network printers.
    Those printers and X-terminals _did_ support the netmask concept
    properly to divide a formerly class C network into smaller subnets,
    but failed when moving the netmask in the other direction.


    Regards,

    Kees.

    --
    Kees Theunissen.


  9. Re: LAN IP addresses

    On Sat, 06 Sep 2008, in the Usenet newsgroup comp.os.linux.networking, in
    article <6if0vbFpbhs9U1@mid.individual.net>, Felix Tiede wrote:

    >IANA (http://www.iana.org) says there are 256 subnets with a maximum
    >of 256-2 (one network base and one broadcast address) addresses each
    >in the192.168.x.y address space. Bigger subnets should use
    >172.16-31.x.y which allows 16 subnets with a maximum of (256^2)-2 =
    >65534 addresses each. Or, if even larger subnets are required, use
    >10.x.y.z which allows one huge subnet of (256^3)-2 = 16777214
    >addresses.


    Actually, RFC1918 states

    3. Private Address Space

    The Internet Assigned Numbers Authority (IANA) has reserved the
    following three blocks of the IP address space for private internets:

    10.0.0.0 - 10.255.255.255 (10/8 prefix)
    172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    We will refer to the first block as "24-bit block", the second as
    "20-bit block", and to the third as "16-bit" block. Note that (in
    pre-CIDR notation) the first block is nothing but a single class A
    network number, while the second block is a set of 16 contiguous
    class B network numbers, and third block is a set of 256 contiguous
    class C network numbers.

    An enterprise that decides to use IP addresses out of the address
    space defined in this document can do so without any coordination
    with IANA or an Internet registry.

    It _MENTIONS_ pre-CIDR Class-ful sizes for those who missed the word
    that RFC1517 replaced the class-ful notation two years earlier. What
    that document does NOT do is specify what network mask to use.

    By the way, there is nothing sacred about the "zero" address, and some
    operating systems specifically do allow use of the "network" address
    as a _host_ address.

    >This is a relict of the old times when there were no netmasks, but
    >it is still valid...


    Why look at page 4 of RFC0923 and think what kind of network setup
    had to be used for the first few networks listed there. Bear in mind
    that Ethernet had a physical limit of 4100 meters between the furthest
    hosts, and an unrealistic maximum of 62250 systems on a single
    collision domain (DIX document XNSS-018211). So if they could only
    have 62250 hosts on a network, how did they use a /16 (or a "Class B"
    as it was called then) - never mind a /8 or "Class A"? Did they only
    use 62250 addresses? Any idea how big Yuma Proving Grounds is?[1]

    You may want to read RFC0950 - it predates RFC1918 by ten years, and
    RFC1517 (CIDR) by eight.

    0950 Internet Standard Subnetting Procedure. J.C. Mogul, J. Postel.
    Aug-01-1985. (Format: TXT=37985 bytes) (Updates RFC0792) (Also
    STD0005) (Status: STANDARD)

    >So if you intend to widen up your netmask you should also use
    >appropriate address space.


    Is the block large enough to contain your networks? 192.168.0.0/16 is
    large enough to hold a single 255.255.0.0 - and that is all that counts.

    Look again at RFC0791. No one cares how you arrange your address block.
    If you want to create 16384 /30 subnets within a /16, or use it as a
    single /16 (or anything in between), go ahead and do so. NO ONE CARES
    how it looks "inside", as that is _your_ problem, not the world's.

    Old guy

    [1] about 1200 square miles, or 4200 square kilometers

  10. Re: LAN IP addresses

    Hello,

    Moe Trin a écrit :
    >
    > By the way, there is nothing sacred about the "zero" address, and some
    > operating systems specifically do allow use of the "network" address
    > as a _host_ address.


    RFC 1812 states otherwise in § 4.2.2.11, 4.2.3.1, 5.3.5. If such an
    address is used, it must be treated as a broadcast and cannot be used as
    a host address. One exception is of course when using a /31 prefix on a
    point-to-point link as defined in RFC 3021.

  11. Re: LAN IP addresses

    On Sun, 07 Sep 2008, in the Usenet newsgroup comp.os.linux.networking, in
    article , Pascal Hambourg wrote:

    >Moe Trin a écrit :


    >> By the way, there is nothing sacred about the "zero" address, and
    >> some operating systems specifically do allow use of the "network"
    >> address as a _host_ address.

    >
    >RFC 1812 states otherwise in § 4.2.2.11, 4.2.3.1, 5.3.5.


    Perhaps the word "sacred" is to strong. None the less with the advent
    of CIDR, the meaning of the "network" and "broadcast" address can not
    be known to outsiders, and some operating systems now allow the
    network address to be used for hosts. I know someone who has a
    security monitor set to that address, just because he knows that
    every skript kiddie in the world knows not to bother looking at it.
    But then, a lot of people misinterpret RFC1122 Section 3.2.1.3 on
    page 31 (third paragraph below (g)) as prohibiting a zero (or -1
    which they don't understand) in any host part.

    >If such an address is used, it must be treated as a broadcast and
    >cannot be used as a host address.


    The "network" address has not been used as a broadcast address for a
    long time - 4.2BSD was replaced by 4.3 a bit over twenty years ago.

    While it's a work in progress, you may want to read through the
    draft-gont-opsec-ip-security-01.txt document available through your
    favorite RFC Editor or mirror.

    Old guy

  12. Re: LAN IP addresses

    Moe Trin a écrit :
    >
    >>>By the way, there is nothing sacred about the "zero" address, and
    >>>some operating systems specifically do allow use of the "network"
    >>>address as a _host_ address.

    >>
    >>RFC 1812 states otherwise in § 4.2.2.11, 4.2.3.1, 5.3.5.

    >
    > Perhaps the word "sacred" is to strong. None the less with the advent
    > of CIDR, the meaning of the "network" and "broadcast" address can not
    > be known to outsiders,


    Wasn't this true already with subnetting, even before CIDR ?

    > But then, a lot of people misinterpret RFC1122 Section 3.2.1.3 on
    > page 31 (third paragraph below (g)) as prohibiting a zero (or -1
    > which they don't understand) in any host part.


    Hey, I interpret this paragraph this way too ! :-o
    I quote it for completeness :

    IP addresses are not permitted to have the value 0 or -1 for
    any of the , , or number> fields (except in the special cases listed above).

    To me it clearly means that the host number part of a unicast host
    address cannot be 0. What I am reading wrong ?

    >>If such an address is used, it must be treated as a broadcast and
    >>cannot be used as a host address.

    >
    > The "network" address has not been used as a broadcast address for a
    > long time - 4.2BSD was replaced by 4.3 a bit over twenty years ago.


    Anyway at least one modern OS, Linux, still interprets it as an
    alternate directed broadcast address.

  13. Re: LAN IP addresses

    On Mon, 08 Sep 2008, in the Usenet newsgroup comp.os.linux.networking, in
    article , Pascal Hambourg wrote:

    >Moe Trin a écrit :


    >> None the less with the advent of CIDR, the meaning of the "network"
    >> and "broadcast" address can not be known to outsiders,

    >
    >Wasn't this true already with subnetting, even before CIDR ?


    To a lesser extent, yes. But with CIDR, even the slender clues of
    "Class" are missing. Is 41.190.68.0 a host, or a network? Is
    24.38.143.255 a host or a broadcast? Without using a whois query,
    you can't tell (neither are hosts).

    >> But then, a lot of people misinterpret RFC1122 Section 3.2.1.3 on
    >> page 31 (third paragraph below (g)) as prohibiting a zero (or -1
    >> which they don't understand) in any host part.

    >
    >Hey, I interpret this paragraph this way too ! :-o
    >I quote it for completeness :
    >
    > IP addresses are not permitted to have the value 0 or -1 for
    > any of the , , or > number> fields (except in the special cases listed above).
    >
    >To me it clearly means that the host number part of a unicast host
    >address cannot be 0. What I am reading wrong ?


    What is the "host number part"? Most people wrongly assume that this
    refers to the right-most octet only, and thus that x.y.z.0 and
    x.y.z.255 can not (except in the special cases noted) be a host. If
    I have 198.18.56.0 with a mask of 255.255.252.0, can I have a host
    numbered 198.18.56.255 or 198.18.57.0? Of course I can, because
    the "network" address is 198.18.56.0, and the broadcast address is
    198.18.59.255, and NO OTHER ADDRESS IN THAT RANGE IS SPECIAL.

    Oh, and you may also want to notice the "" mentioned
    above (also mentioned in RFC1812 and the various 'Assigned Numbers"
    RFCs like RFC1700), and then look at RFC3330. It was common with some
    operating systems that the lowest and highest _subnet_ were considered
    unusable.

    Old guy

  14. Re: LAN IP addresses

    Moe Trin a écrit :
    > Pascal Hambourg wrote:
    >>Moe Trin a écrit :
    >>>
    >>>But then, a lot of people misinterpret RFC1122 Section 3.2.1.3 on
    >>>page 31 (third paragraph below (g)) as prohibiting a zero (or -1
    >>>which they don't understand) in any host part.

    >>
    >>Hey, I interpret this paragraph this way too ! :-o
    >>I quote it for completeness :
    >>
    >> IP addresses are not permitted to have the value 0 or -1 for
    >> any of the , , or >> number> fields (except in the special cases listed above).
    >>
    >>To me it clearly means that the host number part of a unicast host
    >>address cannot be 0. What I am reading wrong ?

    >
    > What is the "host number part"?


    It is the right-most part of the IP address which has the corresponding
    bits in the netmask set to 0 ass assumed in the RFC. Isn't it what you
    meant by "host part" ?

    > Most people wrongly assume that this
    > refers to the right-most octet only,


    They're wrong. This is true only for /24.

    > Oh, and you may also want to notice the "" mentioned
    > above (also mentioned in RFC1812 and the various 'Assigned Numbers"
    > RFCs like RFC1700), and then look at RFC3330. It was common with some
    > operating systems that the lowest and highest _subnet_ were considered
    > unusable.


    I knew about this. Actually I tend to consider that the subnet number is
    deprecated since the advent of CIDR. An IP address contains a prefix and
    a host number. Whether the prefix is the result of subnetting does not
    matter to me, and I believe it should not matter to any network
    equipement either.

  15. Re: LAN IP addresses

    On Tue, 09 Sep 2008, in the Usenet newsgroup comp.os.linux.networking, in
    article , Pascal Hambourg wrote:

    >Moe Trin a écrit :


    >> Oh, and you may also want to notice the "" mentioned
    >> above (also mentioned in RFC1812 and the various 'Assigned Numbers"
    >> RFCs like RFC1700), and then look at RFC3330. It was common with
    >> some operating systems that the lowest and highest _subnet_ were
    >> considered unusable.


    >I knew about this. Actually I tend to consider that the subnet number
    >is deprecated since the advent of CIDR.


    Not really - it depends on your perspective. If you are looking from
    "outside", you probably have no idea what mask may be used on the LAN,
    and in fact it doesn't matter anyway. Systems on the Internet merely
    need to know that (for example) packets for 198.18.8.0/22 and
    198.18.12.0/23 should ultimately be sent to a certain router in South
    Whoozit that is acting as a gateway to the network that runs from
    198.18.0.0 to 198.18.13.255.

    On the "inside" of a LAN, the mask must reflect the size or design of
    the local setup. It probably has a route (or several) that encompasses
    the Internet values - it the case of this example, perhaps they are
    using /24 subnets, and a host on the "first" subnet might have a
    routing table that looks something like

    198.18.8.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    198.18.8.0 198.18.8.252 255.255.252.0 UG 0 0 0 eth0
    198.18.12.0 198.18.8.252 255.255.254.0 UG 0 0 0 eth0
    0.0.0.0 198.18.8.254 0.0.0.0 UG 0 0 0 eth0

    where 198.18.8.252 is the router to the rest of the LAN, and
    198.18.8.254 is the gateway to the world.

    >Whether the prefix is the result of subnetting does not matter to me,
    >and I believe it should not matter to any network equipement either.


    Most operating systems I'm familiar with don't care any more. There
    are/were a few that prefer to (or must) use a single network mask,
    which might make the above routing table look like

    198.18.8.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    198.18.9.0 198.18.8.252 255.255.255.0 UG 0 0 0 eth0
    198.18.10.0 198.18.8.252 255.255.255.0 UG 0 0 0 eth0
    198.18.11.0 198.18.8.252 255.255.255.0 UG 0 0 0 eth0
    198.18.12.0 198.18.8.252 255.255.255.0 UG 0 0 0 eth0
    198.18.13.0 198.18.8.252 255.255.255.0 UG 0 0 0 eth0
    0.0.0.0 198.18.8.254 0.0.0.0 UG 0 0 0 eth0

    but that's a problem for the admin who needs to configure things, and
    otherwise has no effect.

    Old guy

+ Reply to Thread