[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Netmasks on different NIC's
VLSM and CIDR ARE NOT THE SAME THING. VLSM is subnetting subnets
essentially. Eg.
I have 3 subnets 192.168.1.1/25 192.168.1.129/26 192.168.1.192/26
CIDR is going the other way:
I have 4 Class C networks:
192.168.0/24
192.168.1/24
192.168.2/24
192.168.3/24
(notice they are contiguous)
To shrink routing tables (under BGPv4) I can aggregate these networks
going back agains the natural mask:
192.168.0/22
Now intead of 4 enteries in my router table I have 1. This allows routers
to make decisions quicker.
On Tue, 5 Oct 1999 karimi@ca.ibm.com wrote:
>
>
>
>
> if it's a Solaris box (2.6/7.0) it supports VLSM (variable length subnet
> masking) so you should
> be able to do this.
>
>
> _____________________________________________________
> karim ismail
> Network Security
> AT&T Global Network Services internet: karimi@ca.ibm.com
>
>
> sirving@ca.ibm.com on 10/05/99 01:31:37 PM
>
> Please respond to sirving@ca.ibm.com
>
> To: "Eli Tovbeyn" <eli@xpert.com>
> cc: fw-1-mailinglist@lists.us.checkpoint.com
> Subject: RE: [FW1] Netmasks on different NIC's
>
>
>
>
>
> The problem is with supernets. I don't believe that all systems will support
> supernets so you can have problems with 192.168.0.0/16 networks.
>
>
> "Eli Tovbeyn" <eli@xpert.com> on 10/05/99 11:40:51 AM
>
> Please respond to "Eli Tovbeyn" <eli@xpert.com>
>
> To: fw-1-mailinglist@lists.us.checkpoint.com
> cc:
> Subject: RE: [FW1] Netmasks on different NIC's
>
>
>
>
>
> Hi,
> AFAIK, classfull routing is dead. It was dead even 2 years ago... Every
> routing protocol can handle netmasks (well RIP 1.0 can't ). There is no
> problem to work with 192.168.0.0/24 or 10.0.1.0/24.
>
> -----------------------------------------------------------------
> Eli Tovbeyn eli@xpert.com
> Senior Consultant +972-9-9522378
> Xpert Trusted Systems +972-5-3574884
>
>
>
>
> > -----Original Message-----
> > From: owner-fw-1-mailinglist@lists.us.checkpoint.com
> > [mailto:owner-fw-1-mailinglist@lists.us.checkpoint.com]On Behalf
> > Of Carric Dooley
> > Sent: Monday, October 04, 1999 7:24 PM
> > To: Earl Robinson
> > Cc: fw-1-mailinglist@lists.us.checkpoint.com
> > Subject: Re: [FW1] Netmasks on different NIC's
> >
> >
> >
> > I think it has someting to do with the fact that 192.168.x.x is NOT a
> > class B network. It is in the Class C range. If you are going
> > to bring class
> > into it, us a class B. I have seen routers do bizarre things when you go
> > against the natural mask. The only protocol that supports supernetting
> > (for route aggregation) is BGP.
> >
> > On Mon, 4 Oct 1999, Earl Robinson wrote:
> >
> > >
> > > This looks exactly right to me. I'm not clear on why Carrick
> > Dooley says you cant
> > > use 192.168.xxx.xxx as a class B network. But anyway....
> > >
> > > What is your vendor's explanation of why this won't work?? Not
> > enough $$$ in it for
> > > them or what?
> > > -earl
> > >
> > > "Van Schijndel, Art - TOH" wrote:
> > >
> > > > Bjornar,
> > > >
> > > > I do variable length subnetting on my firewalls with no problem. Your
> > > > subnet boundaries look a little funny to me, however. Bounce
> > this off your
> > > > vendor:
> > > >
> > > > > NIC1: xxx.xxx.xxx.33-64 mask 255.255.255.224 (32 addresses)
> > > > NIC1: xxx.xxx.xxx.32-63 mask 255.255.255.224 (30 usable addresses)
> > > >
> > > > > NIC2: xxx.xxx.xxx.65-96 mask 255.255.255.224 (32 addresses)
> > > > NIC2: xxx.xxx.xxx.64-95 mask 255.255.255.224 (30 usable addresses)
> > > >
> > > > > NIC3: xxx.xxx.xxx.97-104 mask 255.255.255.248 (8 addresses)
> > > > NIC3: xxx.xxx.xxx.128-135 mask 255.255.255.248 (6 usable addresses)
> > > >
> > > > > NIC4: xxx.xxx.xxx.105-112 mask 255.255.255.248 (8 addresses)
> > > > NIC4: xxx.xxx.xxx.136-143 mask 255.255.255.248 (6 usable addresses)
> > > >
> > > > > NIC5: xxx.xxx.xxx.113-144 mask 255.255.255.224 (32 addresses)
> > > > NIC5: xxx.xxx.xxx.96-127 mask 255.255.255.224 (30 usable addresses)
> > > >
> > > > Best regards,
> > > >
> > > > Art
> > >
> > >
> > >
> > >
> > ==================================================================
> > ==============
> > > To unsubscribe from this mailing list, please see the
> > instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > >
> > ==================================================================
> > ==============
> > >
> >
> >
> >
> > ==================================================================
> > ==============
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ==================================================================
> > ==============
> >
>
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
>
>
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
>
>
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================