[CoLoCo] changing subnet mask

[Jim Hutchinson]

On Mon, Sep 15, 2008 at 11:51 AM, Kevin Fries <kfries at cctus.com> wrote:

>
> ________________________________________
> From: ubuntu-us-co-bounces at lists.ubuntu.com [
> ubuntu-us-co-bounces at lists.ubuntu.com] On Behalf Of Jim Hutchinson [
> jim at ubuntu-rocks.org]
> Sent: Sunday, September 14, 2008 10:44 PM
> To: Ubuntu Colorado Local Community Team
> Subject: Re: [CoLoCo] changing subnet mask
>
> On Wed, Sep 10, 2008 at 9:29 AM, Kevin Fries <kfries at cctus.com<mailto:
> kfries at cctus.com>> wrote:
>
> > Well, what I wanted was two routers with DIFFERENT ssid and channel and
> different subnets. Basically,
> > I was trying to create two separate networks that were not isolated on
> the LAN side. I wanted to be able
> > to ssh between them and use one computer to manage both routers. When my
> desktop is connected to
> > the "1" subnet, it cannot see the router or computers on the "2" subnet.
> I was trying to figure out if a
> > different subnet mask would allow this to work.
>
> This was part of my reason for asking what you were trying to do.  Your
> original posting indicated that you were trying to get around a
> computability issue.  The ONLY reason to segment the network is for security
> purposes (in a business, accounting departments are often on a separate
> network to secure financial records).  If all you were trying to do was get
> around the broadcomm compatibility issue and wanted machines to be visible
> across both routers, you wanted one network.  Two networks with routing
> rules are more trouble than they are worth for a home network, unless you
> are using it as a home learning exercise.  Even then, there are more
> effective ways to learn.
>
> So, now I am back to being confused as to what you are trying to do... or
> maybe I should say, what and why you are trying to implement it with two
> networks.


My specific and original goal was to accommodate laptops in the home that
don't seem to want to connect to the linksys (router 1) running dd-wrt. To
that end I added the dlink (router 2). Turning off the dhcp on the dlink and
putting it on the same network solved my initial issue which was caused by
using different subnets and thus an inability to manage the whole
network(s). However, the other night and for whatever reason, computers
would not connect to the dlink and I wondered if it had anything to do with
dhcp being served by the linksys. As a test I put the dlink back on it's own
subnet and turned on dhcp and for whatever reason computer would connect
again. Clearly there are issues with my network, but I think all of them are
related to using non-factory firmware (which I'm doing because it's fun) and
wifi nics that are not well supported in Linux (which I can't control).
Fwiw, a macbook will connect at all times to any router regardless of how
it's set up so that points the finger more towards Linux broadcom drivers.

Now, becuase I like to play and experiment with things my specific goal got
confused with experimental goals - in this case the goal of understanding
subnets. I tend to play with things breaking and fixing them as a way to
learn. I can break this easily enough :) and I have a hunch that subnet
masks would be a possible tool for fixing so that is what I've been
investigating.

To be clear, I know how to make this all work on one network (aside from the
possible broadcom issues). What I didn't know was how to make 2 networks act
like one regardless of whether or not one should.


>
>
> > I think that is right but not sure what the "fixed at .1 or .254" or ".3
> or .252" lines mean. I have one
> > router with a default gateway of 192.168.1.1<http://192.168.1.1> and the
> other with
> > 192.168.2.1<http://192.168.2.1>. Both are serving DHCP and the .2 router
> is connected from a lan port
> > of the .1 into the WAN port of the .2. The ssids are different though.
> This is working except I can't access
> > computers on the .2 subnet or the router from computers on the .1
> network. That is what I'm trying to fix.
>
> Fixed at .1 or .255 means, do not allow that interface to obtain an IP
> address from DHCP, but instead make it a fixed IP address.  If your network
> is 192.168.1.0, then fixed at .1 means set a static IP address for the
> interface at 192.168.1.1.  Gateways are generally either the first or last
> address in the range depending on the network admin.  When I am fixing
> addresses, I always set static servers in the 1-49 range, and routers in the
> 240-254 range.  (For the records, 200-239 is for printers and other misc
> equipment, 100-199 is for desktops, and 50-99 are for mobile devices such as
> laptops, but that is my anal retentive system, use whatever numbering scheme
> works for you).


Okay, thanks. I get that now.


>
>
> > This only works upstream (i.e. from computers on the .2 network to
> computers on the .1) but not vice versa. I can only ssh one way.
>
> This is why you want one network.  Think of this like one of those diagrams
> they showed you in math class where you have a circle labeled A, and a
> second circle completely contained inside the first circle labeled B.  Since
> B is completely inside A, anything in B is also in A (any machine in network
> 2 can see all the machines in network 1).  Everything outside of A is
> neither in A or B (any machine from outside of network 1 is foreign to both
> network 1 and network 2).  Everything else is local to A, but not included
> in B (any machine in network 1 can not see those in network 2 because the
> machine has no way of knowing that network 2 is inside network 1).  By
> making it one network, you overlay the circles, so that everything in A is
> also in B (Network 1 and network 2 are the same space, so all machines
> should be visible.  I hope equating it to a vein diagram helps.


I understand (and understood) this. I was just wanting to break the rules
and see if I could.


>
>
> You can also try, though I have never seen this work in a wireless network,
> setting your desktop's netmask to /22 (255.255.252.0).


Bingo. That was the magic bit I was looking for in the beginning. I wanted
to change the subnet mask and see what would happen but didn't know the
funky math needed to do it. I still don't know the math but now I have a
mask I can try (and probably promptly break more stuff - thank god for the
reset button). What I don't know is what all has to have the subnet changed
- the one router, both, both and the laptops, etc. I guess I'll find out.


>  Again, this is one of those areas where theory meets actuality in a ugly
> game of "but why won't this work, it should".  The problem is that most of
> these wireless routers are designed to operate in one of two modes: either
> as a access point, where it expects that there is a bigger domain managed by
> a set of servers in the back; or as a central gateway where it expects to be
> king of the network.  You are trying to add a third scenario, where it is
> king of its network, but also aware of a second network in parallel.  Larger
> routers (i.e. Cisco or Linux routers) are built for this by only defining
> generic interfaces, which then allows a professional administrator to define
> a complex set of rules to handle all routes.  The home routers you are
> dealing with are dumbed down for non-administrators to use from home.
>  Complex routing is generally the first thing to be eliminated.


Ah, but one of the fun things with dd-wrt is that it adds back some of that
complexity and gives you quite a bit to play with.


>
>
> Hope I got you closer this time
>

Yep. Spot on. Thanks. I'll let you know if I mange to make things work they
way I want even if it's not what I should be doing. I was never one to
follow rules.

-- 
Jim (Ubuntu geek extraordinaire)
----
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-us-co/attachments/20080915/c082e2a5/attachment-0001.htm