Solved

Setting up subnet mask

Posted on 2002-07-19
13
415 Views
Last Modified: 2013-11-13
Hi folks,

I'm running several computer labs, but all computers and printers are on the same subnet.  The problem is, computers in Lab A (for example) can "see" computers in Lab B (especially true in Mac).

And I'm wondering if there is any way to separate them by further dividing the subnet via changing subnet mas (right now, it's 255.255.255.0).  Each lab has a series of consecutive IP addresses.  For example,

Lab A uses from xxx.xxx.123.10 to xxx.xxx.123.35, and
Lab B uses from xxx.xxx.123.36 to xxx.xxx.123.60, etc.

Any help will be appreciated!  ~elpmet
0
Comment
Question by:elpmet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +2
13 Comments
 
LVL 3

Accepted Solution

by:
gandalf94305 earned 50 total points
ID: 7165132
You can always run more than one subnet on a single physical network. Just use disjoint ranges of addresses.

Example:

Lab A - xxx.xxx.123.1 to 30, subnet mask 255.255.255.224 broadcast xxx.xxx.123.31

Lab B - xxx.xxx.123.33 to 62, subnet mask 255.255.255.224 broadcast xxx.xxx.123.63

Lab C - xxx.xxx.123.65 to 94, subnet mask 255.255.255.224 broadcast xxx.xxx.123.95

and so on...

Using a network sniffer, each machine will still be able to see the other machines' traffic, however, in normal operation this will not be the case.

For machines in Lab A to talk to the other Lab B and Lab C machines, you will need a router. The easiest way would be to assign three IP addresses, one from each network, to a special machine which would also be defined as the (possibly default) router for each of the lab networks.

Cheers,
--gandalf.
0
 
LVL 3

Expert Comment

by:gandalf94305
ID: 7165160
Ah, just in case you were wondering why I used the magic numbers 1..30, 33..62, etc.:

The subnet mask defines which bits belong to the network and which to the host part of an IP address. Thus, 255.255.255.224 (FFFFFFE0) will leave the last six bits for the host part (123 is hexadecimal 7B):

xxxx7B01..xxxx7B1E (...1 to ...30) gives you a network mask of FFFFFFE0. The host part all one bits is the broadcast address, i.e., for that network: xxxx7B1F (...31).

You cannot have boundaries after 36 hosts. The number of hosts in a subnet is limited to a power of two minus two. Possible numbers are 2, 6, 14, 30, 62, 126, 254, ...

Cheers,
--gandalf.
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7165161
Use the subnet mask 255.255.255.192.  This will give you a 4 possible subnets with 62 useable IP addresses per subnet.  For example, if your existing subnet is:
192.168.123.1 through 192.168.123.254 now;

You would then have:
192.168.123.1 through 192.168.123.62
192.168.123.65 through 192.168.123.126
192.168.123.129 through 192.168.123.190
192.168.123.193 through 192.168.123.254

The first and last IP addresses in each subnet are not useable because they are reserved for the network number and broadcast address for the subnet, respectively.

0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 79

Expert Comment

by:lrmoore
ID: 7168109
All of these suggestions assume that you run TCP/IP only. I doubt that is the case and I'll bet NETBEUI and APPLETALK, possibly IPX/SPX are also running (enabled by default install on Windows 9x/NT). Changing the IP subnet mask will not make a difference. You will have to disable NETBEUI and IPX/SPX everywhere before even considering changing the subnets. Then you have to decide if there is ever a need to communicate between labs. In that case you will need something to route the packets between subnets.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7201875
Have any of these comments been of any help to you? Do you need more information?
0
 

Expert Comment

by:helmet_js
ID: 7228337
Robert,

The example in you proposed answer is incorrect.

192.168.123.0/26 and 192.168.123.192/26 are technically NOT valid subnets.  The first one (192.168.123.0/26) can be used with IP Subnet Zero enabled on Cisco routers.  However the 192.168.123.192/26 subnet is invalid as the address 192.168.123.255 can not be both the network broadcast address for 192.168.123.0/24 (Since this is a Class C address) and the subnetwork broadcast address for 192.168.123.255.

Hope this helps.
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7228449
helmet_js,
Look at the subnet mask.  It is /26 or 255.255.255.192.  This gives you the following subnets.

192.168.123.0
192.168.123.64
192.168.123.128
192.168.123.192

And the subnet 192.168.123.192 IS a valid subnet address.  And the broadcast address IS 192.168.123.255.  For the 192.168.123.0 subnet, the broadcast address is 192.168.123.63.  I am suggesting using the /26 subnet mask for the whole network, not for one subnet.

Get a subnet calculator.
0
 

Expert Comment

by:helmet_js
ID: 7228510
Robert,

I do not need a subnet calculator and I did not say 192.168.123.0/26's subnet broadcast address is the 192.168.123.255.  I did say that 192.168.123.0 is a Class C address and as such, 192.168.123.0 is the network address and 192.168.123.255 is the network broadcast address for the whole class C.  Having that been said, a network broadcast address and a subnetwork broadcast address can NOT be the same IP.  Therefore, 192.168.123.192/26 is not technically a valid subnet since the subnetwork broadcast address would be 192.168.123.255.

Get a book on IP.
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7228516
Also,
As of IOS version 12.0, Cisco routers now have ip subnet-zero enabled by default. You can use the no ip subnet-zero command to restrict the use of subnet zero addresses.

http://www.cisco.com/warp/public/105/40.html
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7228605
Can I throw my two cents in?
You're both right.
Strict RFC classful behavior dictates that subnet zero and the broadcast subnet are not useable.
CIDR standards change that.
Cisco fully supports CIDR with "subnet zero" and "ip classless" commands in the IOS.
Microsoft does not adhere to the RFC's
Apple does
Novell ??
I don't think we can make the assumption that this network in question with its mix of operating systems and network OS's will fully support anything other than strict classful standards.


0
 

Expert Comment

by:helmet_js
ID: 7229084
lrmoore,

I completely agree with you.  And the reason behind the use of the "not technically valid" statement.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7938062
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

I recommend: moderator support. Recommend split between lrmoore and gandalf

if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

thanks,
lrmoore
EE Cleanup Volunteer
---------------------
0
 
LVL 1

Expert Comment

by:Computer101
ID: 7963486
lrmoore, look for your question in this topic area

Computer101
E-E Admin
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Recommendation for open source Monitoring 7 102
Add HP 8210 Printer to Airport Extreme with USB 5 66
Active Directory permissions 5 45
external website is 16 41
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question