Solved

Setting up subnet mask

Posted on 2002-07-19
13
394 Views
Last Modified: 2013-11-13
Hi folks,

I'm running several computer labs, but all computers and printers are on the same subnet.  The problem is, computers in Lab A (for example) can "see" computers in Lab B (especially true in Mac).

And I'm wondering if there is any way to separate them by further dividing the subnet via changing subnet mas (right now, it's 255.255.255.0).  Each lab has a series of consecutive IP addresses.  For example,

Lab A uses from xxx.xxx.123.10 to xxx.xxx.123.35, and
Lab B uses from xxx.xxx.123.36 to xxx.xxx.123.60, etc.

Any help will be appreciated!  ~elpmet
0
Comment
Question by:elpmet
  • 4
  • 3
  • 3
  • +2
13 Comments
 
LVL 3

Accepted Solution

by:
gandalf94305 earned 50 total points
ID: 7165132
You can always run more than one subnet on a single physical network. Just use disjoint ranges of addresses.

Example:

Lab A - xxx.xxx.123.1 to 30, subnet mask 255.255.255.224 broadcast xxx.xxx.123.31

Lab B - xxx.xxx.123.33 to 62, subnet mask 255.255.255.224 broadcast xxx.xxx.123.63

Lab C - xxx.xxx.123.65 to 94, subnet mask 255.255.255.224 broadcast xxx.xxx.123.95

and so on...

Using a network sniffer, each machine will still be able to see the other machines' traffic, however, in normal operation this will not be the case.

For machines in Lab A to talk to the other Lab B and Lab C machines, you will need a router. The easiest way would be to assign three IP addresses, one from each network, to a special machine which would also be defined as the (possibly default) router for each of the lab networks.

Cheers,
--gandalf.
0
 
LVL 3

Expert Comment

by:gandalf94305
ID: 7165160
Ah, just in case you were wondering why I used the magic numbers 1..30, 33..62, etc.:

The subnet mask defines which bits belong to the network and which to the host part of an IP address. Thus, 255.255.255.224 (FFFFFFE0) will leave the last six bits for the host part (123 is hexadecimal 7B):

xxxx7B01..xxxx7B1E (...1 to ...30) gives you a network mask of FFFFFFE0. The host part all one bits is the broadcast address, i.e., for that network: xxxx7B1F (...31).

You cannot have boundaries after 36 hosts. The number of hosts in a subnet is limited to a power of two minus two. Possible numbers are 2, 6, 14, 30, 62, 126, 254, ...

Cheers,
--gandalf.
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7165161
Use the subnet mask 255.255.255.192.  This will give you a 4 possible subnets with 62 useable IP addresses per subnet.  For example, if your existing subnet is:
192.168.123.1 through 192.168.123.254 now;

You would then have:
192.168.123.1 through 192.168.123.62
192.168.123.65 through 192.168.123.126
192.168.123.129 through 192.168.123.190
192.168.123.193 through 192.168.123.254

The first and last IP addresses in each subnet are not useable because they are reserved for the network number and broadcast address for the subnet, respectively.

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7168109
All of these suggestions assume that you run TCP/IP only. I doubt that is the case and I'll bet NETBEUI and APPLETALK, possibly IPX/SPX are also running (enabled by default install on Windows 9x/NT). Changing the IP subnet mask will not make a difference. You will have to disable NETBEUI and IPX/SPX everywhere before even considering changing the subnets. Then you have to decide if there is ever a need to communicate between labs. In that case you will need something to route the packets between subnets.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7201875
Have any of these comments been of any help to you? Do you need more information?
0
 

Expert Comment

by:helmet_js
ID: 7228337
Robert,

The example in you proposed answer is incorrect.

192.168.123.0/26 and 192.168.123.192/26 are technically NOT valid subnets.  The first one (192.168.123.0/26) can be used with IP Subnet Zero enabled on Cisco routers.  However the 192.168.123.192/26 subnet is invalid as the address 192.168.123.255 can not be both the network broadcast address for 192.168.123.0/24 (Since this is a Class C address) and the subnetwork broadcast address for 192.168.123.255.

Hope this helps.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7228449
helmet_js,
Look at the subnet mask.  It is /26 or 255.255.255.192.  This gives you the following subnets.

192.168.123.0
192.168.123.64
192.168.123.128
192.168.123.192

And the subnet 192.168.123.192 IS a valid subnet address.  And the broadcast address IS 192.168.123.255.  For the 192.168.123.0 subnet, the broadcast address is 192.168.123.63.  I am suggesting using the /26 subnet mask for the whole network, not for one subnet.

Get a subnet calculator.
0
 

Expert Comment

by:helmet_js
ID: 7228510
Robert,

I do not need a subnet calculator and I did not say 192.168.123.0/26's subnet broadcast address is the 192.168.123.255.  I did say that 192.168.123.0 is a Class C address and as such, 192.168.123.0 is the network address and 192.168.123.255 is the network broadcast address for the whole class C.  Having that been said, a network broadcast address and a subnetwork broadcast address can NOT be the same IP.  Therefore, 192.168.123.192/26 is not technically a valid subnet since the subnetwork broadcast address would be 192.168.123.255.

Get a book on IP.
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7228516
Also,
As of IOS version 12.0, Cisco routers now have ip subnet-zero enabled by default. You can use the no ip subnet-zero command to restrict the use of subnet zero addresses.

http://www.cisco.com/warp/public/105/40.html
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7228605
Can I throw my two cents in?
You're both right.
Strict RFC classful behavior dictates that subnet zero and the broadcast subnet are not useable.
CIDR standards change that.
Cisco fully supports CIDR with "subnet zero" and "ip classless" commands in the IOS.
Microsoft does not adhere to the RFC's
Apple does
Novell ??
I don't think we can make the assumption that this network in question with its mix of operating systems and network OS's will fully support anything other than strict classful standards.


0
 

Expert Comment

by:helmet_js
ID: 7229084
lrmoore,

I completely agree with you.  And the reason behind the use of the "not technically valid" statement.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7938062
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

I recommend: moderator support. Recommend split between lrmoore and gandalf

if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

thanks,
lrmoore
EE Cleanup Volunteer
---------------------
0
 
LVL 1

Expert Comment

by:Computer101
ID: 7963486
lrmoore, look for your question in this topic area

Computer101
E-E Admin
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

SSL is a very common protocol used these days when browsing the web.  The purpose is to provide security to communication, but how does it do it?  There are several pieces at work that have to be setup before SSL will even work and it requires both …
Let’s list some of the technologies that enable smooth teleworking. 
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now