
Two Subnets, One Internet Gateway

21 years 1 month ago #320 by Philip
Hi Chris, great website!

I was very interested in your routing example which showed how to connect two different subnets, Network A and Network B. I understand that Host A's gateway would be assigned as 192.168.0.1, and I assume Host B's gateway would be assigned as 200.200.200.1.

Okay. Now my question. Let's say we need to provide internet access to both subnets (for the sake of this question, assume the 200.200.200.0 subnet is a private LAN). Would this be best accomplished by adding a second router? After adding the router, how would it be configured? And how would it affect the way all the hosts' gateways (in both subnets) were assigned?

My thought was to add a second router, let's call it 192.168.0.2. It would be physically connected to Network A's switch. I would then tell it to forward any packets with a destination of 200.200.200.0 (the other subnet) to the IP address of the other router, 192.168.0.1. I am guessing that all hosts on Network A would have to have gateway addresses for the new router, 0.2. Network B hosts would still use the 200.200.200.1 gateway, and that router would have to determine if packets were destined for either Network A or the internet, and hence the new router.

Does my solution make sense, or is there an easier way to do this?

Thanks for any and all help.
21 years 1 month ago #321 by Chris
Philip,

Good question that actually reminds me to create a special section for these types of configuration.

If you wanted to give both networks Internet access, you could do it in a variety of ways:

1) Network A or B has the Internet access router installed within either network.

In this case, all hosts on Network A & B keep the same gateway settings, that is 192.168.0.1 for Network A and 200.200.200.1 for Network B, and then you introduce a new route entry within 'Router A' which will be something like this:
To reach 0.0.0.0 send packet to "new router"

This setup requires the use of NAT, or the use of real IP addresses within Network A and B.

2) Set up a Linux/Windows gateway in either network.

This is nearly the same as the above setup, except it's easier to manage and seems to be the most common way most people would do it.

There are plenty of other ways to do it, but we haven't got the space nor time at this moment to analyse them all!

Perhaps the most important detail in your solution is the fact that you're going to need to use NAT twice in order to get the most distant network connected to the Internet.

I would also suggest you take a look at the Static, Dynamic and NAT Overload pages for more information and examples.

Cheers,

Chris P.

Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
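
The routing from option 1 above, modelled as an added example that is not part of the original thread: hosts keep their gateways, Router A gets a default route to the new router, and the new router gets the route back to Network B that Philip proposed. The host addresses (.10), the 192.168.0.2 address for the new router, the 203.0.113.5 destination and the device names are assumptions made for the sketch.

```python
import ipaddress

# Constructed tables: (prefix, next hop); None means the prefix is directly connected.
TABLES = {
    "hostA":   [("192.168.0.0/24", None), ("0.0.0.0/0", "192.168.0.1")],
    "hostB":   [("200.200.200.0/24", None), ("0.0.0.0/0", "200.200.200.1")],
    "routerA": [("192.168.0.0/24", None), ("200.200.200.0/24", None),
                ("0.0.0.0/0", "192.168.0.2")],        # the new default route
    "gateway": [("192.168.0.0/24", None),
                ("200.200.200.0/24", "192.168.0.1"),  # return route to Network B
                ("0.0.0.0/0", "WAN")],
}
# Which device answers for each address (host addresses are assumed).
OWNER = {"192.168.0.1": "routerA", "200.200.200.1": "routerA",
         "192.168.0.2": "gateway",
         "192.168.0.10": "hostA", "200.200.200.10": "hostB"}

def lookup(table, dst):
    """Longest-prefix match; returns the next hop, or None if dst is on-link."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in table
            if addr in ipaddress.ip_network(p)]
    if not hits:
        raise LookupError("no route to " + dst)
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def trace(node, dst, tables=TABLES, max_hops=8):
    """Follow a packet hop by hop and return the devices it visits."""
    path = [node]
    for _ in range(max_hops):
        nh = lookup(tables[node], dst)
        if nh is None:                      # destination is on a connected subnet
            return path + [OWNER.get(dst, dst)]
        if nh == "WAN":                     # handed to the ISP
            return path + ["internet"]
        node = OWNER[nh]
        path.append(node)
    raise RuntimeError("routing loop")

def without_return_route():
    """Same tables, but the gateway has no route back to Network B."""
    t = dict(TABLES)
    t["gateway"] = [r for r in TABLES["gateway"] if r[0] != "200.200.200.0/24"]
    return t

if __name__ == "__main__":
    print(trace("hostB", "203.0.113.5"))
    print(trace("gateway", "200.200.200.10"))
    print(trace("gateway", "200.200.200.10", without_return_route()))
```

With the return route removed, the gateway sends replies for Network B out its WAN side instead of back through Router A, which is the situation where Router A would have to NAT Network B before the gateway NATs again.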
21 years 1 month ago #322 by Philip
Hi Chris, thanks for your reply.

Ah, you're right, of course. It does make it less complex to simply have Router A establish a route to the internet gateway. In my specific case, I've already got a gateway/firewall box built up running RedHat 7.3. I am learning how to use IPTables, and so far am very impressed.

Thanks again for your help, COOL site!!