Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: stupid subnet tricks

stupid subnet tricks 13 years 6 days ago #584

  • bwana
  • bwana's Avatar
  • Offline
  • New Member
  • Posts: 14
  • Karma: 0
I have a cheap consumer router (netgear fvs318) designed to support <255 users (subnet mask 255.255.255.0) that will still function with a subnet mask 255.255.240.0 or 255.255.0.0 for that matter? The thing still lets my little network function, I just cant access its configuration page from the lan, only the wan when remote admin is enabled.

Why cant i find my router from my lan?

Why doesnt the router crash anyway if i tell it that it canhost more ip addresss than 255 .

In addition, I can tell you that setting the subnet mask to 255.255.0.0 permitted a vpn to be established through the following configuration:

In my department:
[code:1]
vpn router Lan ip:192.168.3.1
wan ip :10.xxx.xxx.77
|
V
nat router with firewall in my building
lan ip: 10.xxx.xxx.1
wan ip: 208.xxx.xxx.xxx
|
V
INTERNET
(many hoops)
|
V
other office
vpn router: wan ip: 141.xxx.xxx.xxx
lan ip: 192.168.1.1
[/code:1]
The administrator has disabled public write access.

Re: stupid subnet tricks 13 years 3 days ago #626

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
You have 2 routers here - are they both the same type of router?

Which one are you having the problem with?

What is the configuration on your workstation set to?

Can you ping the router from your workstation?

Tom
Thanks,

Tom
The administrator has disabled public write access.

Re: stupid subnet tricks 13 years 3 days ago #628

  • Chris
  • Chris's Avatar
  • Offline
  • Administrator
  • Posts: 1446
  • Thank you received: 13
  • Karma: 8
Bwana,

The information your providing regarding your lan router is insufficient to help us get a good over view of your network.

Can you redo your diagram, but this time provide the subnet masks applied to each shown interface ?

Secondly, there seems to be a misconception in regards to NAT enabled routers sold in the market place.

When the vendor's specifications for the device mention up to "255" hosts, it dosen't mean that you can only use a Class C network address or any class with a subnetmask of 255.255.255.0 (which will give you 255 IP addresses).

The IP Address and subnetmask settings of your router are irrelevant to the amount of hosts it supports.

In fact, when they say a router supports upto "255" hosts, it means sessions, rather than individual hosts.

In plain english, this means that you can have upto 255 concurent sessions passing through the router and it will provide NAT translation services for each one of them, but if you try to pump more connections/sessions out of it, it will fail.

This limitation is a combination of the software its using and the total amount of memory the router has.

If you read the NAT topic that's covered here, you will learn that each NAT translation requires a specific amount of memory, around 160 bytes. In these 160 bytes, the router stores information about the particular session so when the reply comes back, it can match it with the original outgoing packet, reconstruct the reply packet and send it to the internal host that's expecting it.


Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
The administrator has disabled public write access.

Re: stupid subnet tricks 12 years 11 months ago #696

  • bwana
  • bwana's Avatar
  • Offline
  • New Member
  • Posts: 14
  • Karma: 0
Chris,

Thank you for your clear reply. You cannot imagine how many other other forums are poppulated by network engineer wannabes. You are the FIRST out of seven different forums that directly answered my question. Other replies have ranged from ad hominem attacks ('you are not worthy to ask that question') to vagary that would honor a Greek oracle.

stefan
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup