split/isolate network
rikona
rikona at sonic.net
Sun Nov 21 02:10:14 UTC 2010
Hello Steven,
Saturday, November 20, 2010, 12:58:46 PM, Steven wrote:
SS> On 11/20/2010 02:24 PM, rikona wrote:
>> This is starting to sink in. I sort of understood it before, but not
>> well. If I'm understanding it right, would this require a mask
>> different from 255.255.255.0 to work correctly[ so the 3rd byte keeps
>> them separate]?
SS> No. The mask as it is reserves the first three octets for the
SS> network address and the last for hosts. Therefore 192.168.1.0 and
SS> 192.168.2.0 are two different networks and you only need
SS> 255.255.255.0 as the subnet mask.
SS> The only real reason you would change it is if you wanted to split
SS> apart a 192.168.1.0 network into subnets, for example the
SS> 255.255.255.128 mask splits it into half. One at 192.168.1.0 and
SS> the other at 192.168.1.128. At that point a host at 192.168.1.1
SS> could not speak to 192.168.1.129 without a router, just like using
SS> the two class C networks above.
Thanks for the very clear explanation, and especially the example. I
learn a lot from well-done examples.
I'm concerned about the "could not speak to 192.168.1.129 without a
router" above, though. Does this mean that they COULD communicate if I
have a router ahead of the splitter box? I was considering:
cable modem -> router/firewall -> linux box -> 2 isolated net
connections
If so, does that mean that I would have to prohibit, in the splitter
box, *incoming* from the 'other half' IP addresses, to get around this
problem? Does the router, in general, essentially undo what I'm trying
to do in the splitter box if I ONLY do just splitting?
Thanks for the help...
--
rikona
More information about the ubuntu-users
mailing list