[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Netmasks on different NIC's
Could you then not say that CIDR is the child of VLSM because without VLSMs how
can you use CIDR?
Carric Dooley <carric@com2usa.com> on 10/05/99 04:22:58 PM
Please respond to Carric Dooley <carric@com2usa.com>
To: Karim Ismail/Markham/IBM@IBMCA
cc: Stuart Irving/Markham/IBM@IBMCA, fw-1-mailinglist@lists.us.checkpoint.com
Subject: RE: [FW1] Netmasks on different NIC's
Self Correction.. CIDR is a broader term than this post implies(sorry)...
it's more using /24 or /22 as the subnet mask, irregardless of class
(since by definition it's classless). VLSM is subnetting.. not
supernetting. CIDR is the vehicle facilitates supernetting. I do not
think any other protocols (besides BGP4) are truly classless in this
sense.
On Tue, 5 Oct 1999, Carric Dooley wrote:
>
> VLSM and CIDR ARE NOT THE SAME THING. VLSM is subnetting subnets
> essentially. Eg.
>
> I have 3 subnets 192.168.1.1/25 192.168.1.129/26 192.168.1.192/26
>
> CIDR is going the other way:
>
> I have 4 Class C networks:
>
> 192.168.0/24
> 192.168.1/24
> 192.168.2/24
> 192.168.3/24
> (notice they are contiguous)
>
> To shrink routing tables (under BGPv4) I can aggregate these networks
> going back agains the natural mask:
> 192.168.0/22
>
> Now intead of 4 enteries in my router table I have 1. This allows routers
> to make decisions quicker.
>
> On Tue, 5 Oct 1999 karimi@ca.ibm.com wrote:
>
> >
> >
> >
> >
> > if it's a Solaris box (2.6/7.0) it supports VLSM (variable length subnet
> > masking) so you should
> > be able to do this.
> >
> >
> > _____________________________________________________
> > karim ismail
> > Network Security
> > AT&T Global Network Services internet: karimi@ca.ibm.com
> >
> >
> > sirving@ca.ibm.com on 10/05/99 01:31:37 PM
> >
> > Please respond to sirving@ca.ibm.com
> >
> > To: "Eli Tovbeyn" <eli@xpert.com>
> > cc: fw-1-mailinglist@lists.us.checkpoint.com
> > Subject: RE: [FW1] Netmasks on different NIC's
> >
> >
> >
> >
> >
> > The problem is with supernets. I don't believe that all systems will
support
> > supernets so you can have problems with 192.168.0.0/16 networks.
> >
> >
> > "Eli Tovbeyn" <eli@xpert.com> on 10/05/99 11:40:51 AM
> >
> > Please respond to "Eli Tovbeyn" <eli@xpert.com>
> >
> > To: fw-1-mailinglist@lists.us.checkpoint.com
> > cc:
> > Subject: RE: [FW1] Netmasks on different NIC's
> >
> >
> >
> >
> >
> > Hi,
> > AFAIK, classfull routing is dead. It was dead even 2 years ago... Every
> > routing protocol can handle netmasks (well RIP 1.0 can't ). There is no
> > problem to work with 192.168.0.0/24 or 10.0.1.0/24.
> >
> > -----------------------------------------------------------------
> > Eli Tovbeyn eli@xpert.com
> > Senior Consultant +972-9-9522378
> > Xpert Trusted Systems +972-5-3574884
> >
> >
> >
> >
> > > -----Original Message-----
> > > From: owner-fw-1-mailinglist@lists.us.checkpoint.com
> > > [mailto:owner-fw-1-mailinglist@lists.us.checkpoint.com]On Behalf
> > > Of Carric Dooley
> > > Sent: Monday, October 04, 1999 7:24 PM
> > > To: Earl Robinson
> > > Cc: fw-1-mailinglist@lists.us.checkpoint.com
> > > Subject: Re: [FW1] Netmasks on different NIC's
> > >
> > >
> > >
> > > I think it has someting to do with the fact that 192.168.x.x is NOT a
> > > class B network. It is in the Class C range. If you are going
> > > to bring class
> > > into it, us a class B. I have seen routers do bizarre things when you go
> > > against the natural mask. The only protocol that supports supernetting
> > > (for route aggregation) is BGP.
> > >
> > > On Mon, 4 Oct 1999, Earl Robinson wrote:
> > >
> > > >
> > > > This looks exactly right to me. I'm not clear on why Carrick
> > > Dooley says you cant
> > > > use 192.168.xxx.xxx as a class B network. But anyway....
> > > >
> > > > What is your vendor's explanation of why this won't work?? Not
> > > enough $$$ in it for
> > > > them or what?
> > > > -earl
> > > >
> > > > "Van Schijndel, Art - TOH" wrote:
> > > >
> > > > > Bjornar,
> > > > >
> > > > > I do variable length subnetting on my firewalls with no problem. Your
> > > > > subnet boundaries look a little funny to me, however. Bounce
> > > this off your
> > > > > vendor:
> > > > >
> > > > > > NIC1: xxx.xxx.xxx.33-64 mask 255.255.255.224 (32 addresses)
> > > > > NIC1: xxx.xxx.xxx.32-63 mask 255.255.255.224 (30 usable addresses)
> > > > >
> > > > > > NIC2: xxx.xxx.xxx.65-96 mask 255.255.255.224 (32 addresses)
> > > > > NIC2: xxx.xxx.xxx.64-95 mask 255.255.255.224 (30 usable addresses)
> > > > >
> > > > > > NIC3: xxx.xxx.xxx.97-104 mask 255.255.255.248 (8 addresses)
> > > > > NIC3: xxx.xxx.xxx.128-135 mask 255.255.255.248 (6 usable addresses)
> > > > >
> > > > > > NIC4: xxx.xxx.xxx.105-112 mask 255.255.255.248 (8 addresses)
> > > > > NIC4: xxx.xxx.xxx.136-143 mask 255.255.255.248 (6 usable addresses)
> > > > >
> > > > > > NIC5: xxx.xxx.xxx.113-144 mask 255.255.255.224 (32 addresses)
> > > > > NIC5: xxx.xxx.xxx.96-127 mask 255.255.255.224 (30 usable addresses)
> > > > >
> > > > > Best regards,
> > > > >
> > > > > Art
> > > >
> > > >
> > > >
> > > >
> > > ==================================================================
> > > ==============
> > > > To unsubscribe from this mailing list, please see the
> > > instructions at
> > > > http://www.checkpoint.com/services/mailing.html
> > > >
> > > ==================================================================
> > > ==============
> > > >
> > >
> > >
> > >
> > > ==================================================================
> > > ==============
> > > To unsubscribe from this mailing list, please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > ==================================================================
> > > ==============
> > >
> >
> >
> >
> >
================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> >
================================================================================
> >
> >
> >
> >
> >
> >
================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> >
================================================================================
> >
> >
> >
> >
> >
> >
================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> >
================================================================================
> >
>
>
>
>
================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================