- Posts: 14
- Thank you received: 0
stupid subnet tricks
21 years 2 months ago #584
by bwana
stupid subnet tricks was created by bwana
I have a cheap consumer router (netgear fvs318) designed to support <255 users (subnet mask 255.255.255.0) that will still function with a subnet mask 255.255.240.0 or 255.255.0.0 for that matter? The thing still lets my little network function, I just cant access its configuration page from the lan, only the wan when remote admin is enabled.
Why cant i find my router from my lan?
Why doesnt the router crash anyway if i tell it that it canhost more ip addresss than 255 .
In addition, I can tell you that setting the subnet mask to 255.255.0.0 permitted a vpn to be established through the following configuration:
In my department:
[code:1]
vpn router Lan ip:192.168.3.1
wan ip :10.xxx.xxx.77
|
V
nat router with firewall in my building
lan ip: 10.xxx.xxx.1
wan ip: 208.xxx.xxx.xxx
|
V
INTERNET
(many hoops)
|
V
other office
vpn router: wan ip: 141.xxx.xxx.xxx
lan ip: 192.168.1.1
[/code:1]
Why cant i find my router from my lan?
Why doesnt the router crash anyway if i tell it that it canhost more ip addresss than 255 .
In addition, I can tell you that setting the subnet mask to 255.255.0.0 permitted a vpn to be established through the following configuration:
In my department:
[code:1]
vpn router Lan ip:192.168.3.1
wan ip :10.xxx.xxx.77
|
V
nat router with firewall in my building
lan ip: 10.xxx.xxx.1
wan ip: 208.xxx.xxx.xxx
|
V
INTERNET
(many hoops)
|
V
other office
vpn router: wan ip: 141.xxx.xxx.xxx
lan ip: 192.168.1.1
[/code:1]
21 years 2 months ago #626
by tfs
Thanks,
Tom
Replied by tfs on topic Re: stupid subnet tricks
You have 2 routers here - are they both the same type of router?
Which one are you having the problem with?
What is the configuration on your workstation set to?
Can you ping the router from your workstation?
Tom
Which one are you having the problem with?
What is the configuration on your workstation set to?
Can you ping the router from your workstation?
Tom
Thanks,
Tom
21 years 2 months ago #628
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: stupid subnet tricks
Bwana,
The information your providing regarding your lan router is insufficient to help us get a good over view of your network.
Can you redo your diagram, but this time provide the subnet masks applied to each shown interface ?
Secondly, there seems to be a misconception in regards to NAT enabled routers sold in the market place.
When the vendor's specifications for the device mention up to "255" hosts, it dosen't mean that you can only use a Class C network address or any class with a subnetmask of 255.255.255.0 (which will give you 255 IP addresses).
The IP Address and subnetmask settings of your router are irrelevant to the amount of hosts it supports.
In fact, when they say a router supports upto "255" hosts, it means sessions, rather than individual hosts.
In plain english, this means that you can have upto 255 concurent sessions passing through the router and it will provide NAT translation services for each one of them, but if you try to pump more connections/sessions out of it, it will fail.
This limitation is a combination of the software its using and the total amount of memory the router has.
If you read the NAT topic that's covered here, you will learn that each NAT translation requires a specific amount of memory, around 160 bytes. In these 160 bytes, the router stores information about the particular session so when the reply comes back, it can match it with the original outgoing packet, reconstruct the reply packet and send it to the internal host that's expecting it.
Cheers,
The information your providing regarding your lan router is insufficient to help us get a good over view of your network.
Can you redo your diagram, but this time provide the subnet masks applied to each shown interface ?
Secondly, there seems to be a misconception in regards to NAT enabled routers sold in the market place.
When the vendor's specifications for the device mention up to "255" hosts, it dosen't mean that you can only use a Class C network address or any class with a subnetmask of 255.255.255.0 (which will give you 255 IP addresses).
The IP Address and subnetmask settings of your router are irrelevant to the amount of hosts it supports.
In fact, when they say a router supports upto "255" hosts, it means sessions, rather than individual hosts.
In plain english, this means that you can have upto 255 concurent sessions passing through the router and it will provide NAT translation services for each one of them, but if you try to pump more connections/sessions out of it, it will fail.
This limitation is a combination of the software its using and the total amount of memory the router has.
If you read the NAT topic that's covered here, you will learn that each NAT translation requires a specific amount of memory, around 160 bytes. In these 160 bytes, the router stores information about the particular session so when the reply comes back, it can match it with the original outgoing packet, reconstruct the reply packet and send it to the internal host that's expecting it.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
21 years 1 month ago #696
by bwana
Replied by bwana on topic Re: stupid subnet tricks
Chris,
Thank you for your clear reply. You cannot imagine how many other other forums are poppulated by network engineer wannabes. You are the FIRST out of seven different forums that directly answered my question. Other replies have ranged from ad hominem attacks ('you are not worthy to ask that question') to vagary that would honor a Greek oracle.
stefan
Thank you for your clear reply. You cannot imagine how many other other forums are poppulated by network engineer wannabes. You are the FIRST out of seven different forums that directly answered my question. Other replies have ranged from ad hominem attacks ('you are not worthy to ask that question') to vagary that would honor a Greek oracle.
stefan
Time to create page: 0.130 seconds