Re: Simple netmask question, could some one please answer this question for me.
- From: Mike Drechsler - SPAM PROTECTED EMAIL <mike-newsgroup@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 12 Oct 2007 07:07:34 GMT
El CiD wrote:
Hello,
I will be setting up a cisco site to site vpn for the first time. I
will attempt at creating two sites connecting to the main office. In
order for the site to site vpn to work among site, I will need to have
a different subnet per tunner.
My idea is the following.
1st site.
Address: 172.16.0.1 Netmask: 255.255.255.0 Wildcard: 0.0.0.255
= 254 hosts
site 2
Address: 172.16.0.2 Netmask: 255.255.255.128 Wildcard: 0.0.0.127
= 126 hosts
Address: 172.16.0.3 Netmask: 255.255.255.192 = 26 Wildcard: 0.0.0.63 Hosts/Net: 62
Am I correct to say that this setup will meet cisco requirement for
separate subnet masks? even although the ip addressing is similar?
I went from a site with 254 hosts to site 2 with 126 down to site 3
with 62 hosts. Each site has a distintive subnet mask. I would like
to keep each site ip addressing similar as its easy to remenber. Site
1 ends with .1 site two with .2 and site 3 with .3
and please pardon my newbiness. I am trying to understand it all as I
go.
thank you.
Your address ranges overlap. It will not work.
Try:
1st site
address range: 172.16.0.0 - 172.16.0.255
Set your router to be 172.16.0.1
CIDR network notation: 172.16.0.0/24
netmask: 255.255.255.0
broadcast address: 172.16.0.255
maximum addresses: 254
2nd site
address range: 172.16.1.0-172.16.1.127
Set your router to be 172.16.1.1
CIDR network notation: 172.16.1.0/25
netmask: 255.255.255.128
broadcast address: 172.16.1.127
maximum addresses: 126
3rd site
address range: 172.16.1.128-172.16.1.191
Set your router to be 172.16.1.129
CIDR network notation: 172.16.1.128/26
netmask: 255.255.255.192
broadcast address: 172.16.1.191
maximum addresses: 62
Do not use the first or last IP's in the range (network route or broadcast IP). .0 and .255 are valid in the middle of larger sized IP blocks like /22 but can expose bugs in some software and routers that didn't expect these IP values.
There is a handy dandy web based javascript calculator you can fiddle with here: http://www.subnet-calculator.com/cidr.php
Basically your site routers will each need it's own range of addresses and those ranges cannot conflict with another router and subnet you are setting up.
I'm guessing you aren't really running out of address space or you would understand the concepts much better. You may simplify things for yourself by just using /24 (255.255.255.0 netmask) sized subnets at all locations even though it wastes addresses for a small branch office that will never need that many IP's.
eg: site1: 172.16.1.0/24 site2: 172.16.2.0/24 site3: 172.16.3.0/24
The IP address of the router does not NEED to be the very first usable address in the IP range but it is convention that you setup your routers as the first usable IP to avoid confusion.
--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@xxxxxxxxxxxxxxxxxxxxxxxxxxxx)
.
- Follow-Ups:
- References:
- Prev by Date: Simple netmask question, could some one please answer this question for me.
- Next by Date: Re: SMTP Server unreachable through VPN
- Previous by thread: Simple netmask question, could some one please answer this question for me.
- Next by thread: Re: Simple netmask question, could some one please answer this question for me.
- Index(es):
Relevant Pages
|
