sub-net routing question

Lennart Sorensen lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Wed Aug 17 21:22:16 UTC 2011


On Wed, Aug 17, 2011 at 03:40:18PM -0400, marthter wrote:
> Although I've set up many routers at small businesses and
> residentially for friends, when I've had more than one router at one
> site, I've always just turned on NAT instead of doing (what I gather
> is) the more advanced "proper" way to do it, with sub-netting.  I.e.
> what I normally do is, if the first router (with external IP on its
> WAN) is giving LAN addresses 192.168.99.x, I'll hook the second
> router's WAN port to that .99.x LAN, and set the second router to,
> say, use LAN addresses 192.168.88.x.  The second router uses NAT
> when its clients send traffic to the first LAN (or internet), and
> the first router also uses NAT when its clients send traffic to the
> internet.  This works fine when basically all I need is just a bunch
> of machines to have internet access (and if there are any in-house
> servers, file shares, printers, etc, they are only on the first
> LAN).  There is no manually added routing rule on the first router
> to allow hosts on the first LAN to reach hosts on the second LAN.
> 
> I think I have a good handle on what a netmask of different lengths
> means and now I'm trying to put the theory to practice.  Actually
> this is eventually for a VPN set-up but I'm trying with a LAN first
> to make sure I understand that.
> 
> Picture three routers and two computers...
> 
> "middle router" has (for now) nothing connected to WAN, just LAN
> "left router" has its WAN jack connected to a LAN jack of middle router
> "right router" has its WAN jack connected to a LAN jack of middle router
> "left computer" is connected to LAN jack of left router
> "right computer" is connected to LAN jack of right router

Are you actually using routers, or just your typical little one WAN port
and a switch type boxes?

A lot of the cheap boxes can only route between a WAN port and an internal
switch (with one subnet on it).

Some are more advanced and can set up VLANs for specific ports, which
would allow you to have other switches on different ports with different
subnets and route between them (there is no need for multiple routers
to do that, just one decent router and some switches).

If you do have multiple routers, some support using RIP or OSPF or IS-IS
to share the routing info with each other, so that you don't have to
add each route manually to each router.  It can also be used to create
redundant routes in some cases so a cable or port failure won't take
out the whole network.

-- 
Len Sorensen
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
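
Added example, not part of the original message: a sketch of the manual route set the reply refers to, computed for the three-router layout in the quoted question when NAT is turned off. The subnets and router addresses are constructed assumptions, since the post does not give them.

```python
import ipaddress
from collections import deque

# Constructed addressing (assumption): left and right routers have their
# WAN ports on the middle router's LAN, as in the quoted layout.
MID = ipaddress.ip_network("10.0.0.0/24")
ROUTERS = {
    # router name: {attached subnet: this router's address on it}
    "middle": {MID: "10.0.0.1"},
    "left": {MID: "10.0.0.2", ipaddress.ip_network("10.0.1.0/24"): "10.0.1.1"},
    "right": {MID: "10.0.0.3", ipaddress.ip_network("10.0.2.0/24"): "10.0.2.1"},
}

def neighbours(routers, name):
    """Yield (peer, peer's address) for every subnet shared with `name`."""
    for peer, ifaces in routers.items():
        if peer != name:
            for net, addr in ifaces.items():
                if net in routers[name]:
                    yield peer, addr

def static_routes(routers):
    """Return {router: {remote subnet: next hop}} for non-attached subnets."""
    table = {}
    for start in routers:
        routes, seen, queue = {}, {start}, deque()
        for peer, addr in neighbours(routers, start):
            if peer not in seen:
                seen.add(peer)
                queue.append((peer, addr))  # first hop is the direct peer
        while queue:
            router, first_hop = queue.popleft()
            for net in routers[router]:
                if net not in routers[start]:
                    routes.setdefault(str(net), first_hop)
            for peer, _ in neighbours(routers, router):
                if peer not in seen:
                    seen.add(peer)
                    queue.append((peer, first_hop))  # keep original first hop
        table[start] = routes
    return table

if __name__ == "__main__":
    # Print the routes in iproute2 syntax, one group per router.
    for router, routes in static_routes(ROUTERS).items():
        for net, hop in sorted(routes.items()):
            print(f"{router}: ip route add {net} via {hop}")
```

The left router's next hop for the right LAN is the right router's WAN-side address, because both sit on the middle LAN. The routes only carry traffic if the left and right routers forward packets arriving on their WAN ports instead of applying NAT and dropping them.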




