Network subnet?

From: Chris Knipe (cgknipe@mweb.co.za)
Date: Sat Jan 08 2000 - 00:05:30 EST


Hi all ...

Previous time I did this, I splitted the network subnet into two 50/50
segments... There MUST be an better way to do this...

Whats the problem ? Well, lots of my clients gets 32 IP address blocks
allocated to them over 64K diginet lines... Many of those lease lines needs
dedicated Linux Firewalls... Just how do I subnet ?

Say for example, an client gets allocated 1.2.3.0 on an subnet of
255.255.255.224... That's 32 IP Addresses (including network and
broadcast addresses)...

The Router gets assigned, 1.2.3.1, eth0 on the linux box is 1.2.3.2. That
will be easy to configure... It's an static route...

eth1 on the linux box now, has to be allocated 1.2.3.5, while 1.2.3.6 and
the rest of the IP address gets allocated on the network located from eth1
(The firewalled network).

How do I route this on the firewall ?

I can subnet 1.2.3.1 and 1.2.3.2 on 255.255.255.254, which will make .1 and
.2 in its own subnet, and I use .5 for the IP address of eth1 on the
firewall, but what / how do I subnet eth1 to allow it to use .5 to .28 (?)
on its own subnet for the second network?

For it to route successfully, the two network cards have to be in their own
subnet to just route the network bits over the various network cards ?

If I have to use rip or gated for this, does anyone have an example
configuration for me ?

Graphical Layout:
~~~~~~~~~~~~~~~~~
                            +-- Workstation
                            |-- Workstation
 +--------+ +----------+ |-- Workstation
-| Router |----| Firewall |-+-- Workstation
 +--------+ +----------+ |-- Workstation
                            |-- Workstation
                            +-- Workstation

Router: Network: 1.2.3.0
         Broadcast: 1.2.3.3
         IP: 1.2.3.1
         Subnet: 255.255.255.254
 
Firewall (eth0):
         Network: 1.2.3.0
         Broadcast: 1.2.3.3
         IP: 1.2.3.2
         Subnet: 255.255.255.254

Firewall (eth1)
         Network: 1.2.3.4
         Broadcast: 1.2.3.32 (?)
         IP: 1.2.3.5
         Subnet: 255.255.255.240 (?)

Any help as per usual, MUCH appreciated!!!!!
         
Regards
Chris Knipe
Cel: (083) 430 8151
Freelance Internet Developer, Consultant, Administrator & Speaker

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu



This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:28 EST