+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 27 of 27
Wireless Networks Thread, Need help getting to grips with subnetting in Technical; i would download a subnetting calculator so save you from getting a migrain baz...
  1. #16

    Join Date
    Mar 2007
    Posts
    28
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Need help getting to grips with subnetting

    i would download a subnetting calculator so save you from getting a migrain

    baz

  2. #17
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Re: Need help getting to grips with subnetting

    I have been looking into thisone myself as I am about to change the IP layout at the school to build in some extra scope:

    An IP subnet mask of: 255.255.248.0 would give you 2048 IP addresses based over 8 host networks i.e.:

    192.168.1.0 - 192.168.2.0 - 192.168.3.0 - 192.168.4.0 - 192.168.5.0 - 192.168.6.0 - 192.168.7.0 - 192.168.8.0.

    What you need to remember is that 192.168.0.0 and 192.168.0.8.255 can not be used so you only have 2046 IP's available.

    This knid of setup is really good if you wish to "assign" IP's to specifc kit or VLANS.

    We run VLANS in my school and the plan would be to do something like:

    192.168.1.0 - Servers/Switches/Routers (VLAN1)
    192.168.2.0 - Student PC's (VLAN2)
    192.168.3.0 - Student PC's (VLAN2)
    192.168.4.0 - Student PC's (VLAN2)
    192.168.5.0 - Staff PC's/Admin PC's (VLAN3)
    192.168.6.0 - Staff PC's/Admin PC's (VLAN3)
    192.168.7.0 - Wireless Access (VLAN4)
    192.168.8.0 - SPARE

    Not any easy thing to turn around but if you manage to work out your subnet first this will save you alot of hassle. The idea is to capacity plan, look at what you have already (number of devices that need an ip address) then double it.

    It's always easier to have more than you need than to have less and strugle to add more later.

  3. #18
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25

    Re: Need help getting to grips with subnetting

    Before you set up this VLAN just have a check with your ISP.

    This was one of the options we considered (the LEA guys and me) but they realised it might cause problems because other sections of their network, that we would need access to, had a VLAN in the same way. This would mean that one of my PC's could in theory have the same IP address as another PC connected to the LEA network making access not only impossible but likely chaotic.

    You are probably fine, and you have probably already checked it out with your LEA - but just worth a mention to anyone else thinking about doing this.

  4. #19

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,808
    Thank Post
    1,476
    Thanked 592 Times in 444 Posts
    Rep Power
    168

    Re: Need help getting to grips with subnetting

    @ictnut

    I'm a bit confused about your suggested setup.

    IF you use a subnet mask of 255.255.248.0 - you get a big range to put all your devices into.

    But isn't VLANing (If that's the word to use ) on switches used to separate traffic from one network to another?

    So, although all devices are on same subnet, the VLANing process will stop them communicating?

    Or is that not what VLANs are for

    regards

    Simon

  5. #20

    bossman's Avatar
    Join Date
    Nov 2005
    Location
    England
    Posts
    3,905
    Thank Post
    1,186
    Thanked 1,057 Times in 749 Posts
    Rep Power
    328

    Re: Need help getting to grips with subnetting

    Nat with private address means you will never run out of addresses simple.

  6. #21

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,808
    Thank Post
    1,476
    Thanked 592 Times in 444 Posts
    Rep Power
    168

    Re: Need help getting to grips with subnetting

    @bossman

    NATing could cause problems with other services supplied by a RBC -e.g. in Lancs, we have a cachepilot with Espresso on it that has a fixed IP RBC assigned address and also we are told to use fixed IP's for our Video conferencing.

    Although I presume these issues are bypassable, I know the RBC wouldn't support doing so, so in reality NATing is not an option

    regards

    Simon

  7. #22

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Need help getting to grips with subnetting

    This was one of the options we considered (the LEA guys and me) but they realised it might cause problems because other sections of their network, that we would need access to, had a VLAN in the same way. This would mean that one of my PC's could in theory have the same IP address as another PC connected to the LEA network making access not only impossible but likely chaotic.
    This situation is possible but unlikely. The following conditions would need to be true:

    1) Two schools had be allocated the same IP range by the LEA.
    2) They wanted to communicate with each other.

    VLAN's are not relevant to this problem, it's purely a traffic management tool. It's a clash of IP ranges that's the issue.

    So, although all devices are on same subnet, the VLANing process will stop them communicating?
    Correct. One would probably have a router/firewall combination to allow communication between hosts on separate VLANs as required.

    NATing could cause problems with other services supplied by a RBC -e.g. in Lancs, we have a cachepilot with Espresso on it that has a fixed IP RBC assigned address and also we are told to use fixed IP's for our Video conferencing.
    Implememting a DMZ solves the first problem, port forwarding (or a Gatekeeper or a SOCKs proxy) the second.

  8. #23
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25

    Re: Need help getting to grips with subnetting

    @Geof - the resources that may have a similary range are part of the LEA hosted services - things that they provide that we want to use - not within another school so 2) would definately be true and 1) the entire 192. range within the two vlans would be the same so you would be going say 192.168.1.48 in my school to the LEA service running on 192.168.1.48 in their VLAN.

    It probably would be ok - but they suggested not to risk it.

  9. #24

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Need help getting to grips with subnetting

    VLAN tagged data should not exit your internal network. If it does, your network is broken.

    If your LEA network is accepting VLAN tagged data then their network is broken.

    Implement proper egress/ingress filtering on your border firewall.

  10. #25
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25

    Re: Need help getting to grips with subnetting

    @Geoff - Just repeating what I was told in the hope of helping someone else.

  11. #26

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Need help getting to grips with subnetting

    Fair enough, I'm saying what best practise is.

  12. #27
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Re: Need help getting to grips with subnetting

    @Geoff and @Limbo:

    Our LEA only provides a single Gateway/Router IP so schoolcan get out on the "internet". At the moment NO OTHER services are provided to schools via the LEA.

    All schools are in control ofthier own internal IP addressing.

    Each school LEA assigned IP is on its own VLAN within the LEA and resides in a 10.x.x.x range. All schools are advised to use either a 192.168.x.x or 172.x.x.x range.

    All of our VLAN data is tagged at switch/router level and relaying is used in order to distribute IP's along the correct VLANs

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •