• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 342
  • Last Modified:

Setting up a sub-network....? HELP!?!

I have what is probably a pretty basic networking question but I'm a novice in that department, so here goes.

Current setup:
I have a Nexland ISB Pro800 Turbo connected to a broadband connection.  Connected to the Nexland Router is two Desktop machines, an wireless access point, and three laptops (give or take) connecting through the access point.

The Nexland Router is set up as a DHCP server and has a static IP from the ISP.

I want to set up sub-network within this current network by adding a Netgear router and two computers (hooked to the netgear).  The Netgear router would be set up as a DHCP server, or am I able to do this.

To top it off, I want to add a second broadband connection to the Nexland router which would be a DHCP connection.  The two networks MUST not be able to see each other but be able to share the two broadband connections.

The reason I'm doing this is because we wish to create some internet redundancy (the ISPs are different companies with unique backbones) as well as increase performance.

I'm not sure about how to go through the setup.  Are there any good websites or books that you could suggest to give me more information on this subject.  I've read the manual for the Nexland router front-to-back quite a few times but still haven't gotten the whole idea.  Any help would be greatly appreciated!

Thanks,
Nathan
0
redbna
Asked:
redbna
  • 9
  • 7
  • 3
  • +1
1 Solution
 
night_monkeyCommented:
i'm just listening in here... =)
0
 
Netman66Commented:
Well......

You can use a Netgear or Linksys router hanging off the Nexland - yes.

You configure the Netgear or Linksys to use DHCP on it's WAN interface which in turn you connect to the Nexland LAN.  This gets one connection done.

Now, within the Netgear or Linksys routers realm you can configure it as a DHCP server and whatever is connected to it will be serviced by it.  As long as you are using properly subnetted networks the two LANs should not be able to see each other but the aggregate connection from the Nexland should be transparent to all workstations.

The Nexland will require another DSL interface and must be properly configure to either load balance the connections or use one as a fall-back route (higher metric).

This is just a mile-high look at it, but it is possible to get working.

Hope this helps.
0
 
redbnaAuthor Commented:
Thanks, it does help a bit.. I guess what I'm looking for and needing is a little more explicit information as I'm pretty new to the subnet setups and such :)
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
Netman66Commented:
OK, what is your private address space off the Nexland (with the subnet mask)?

I will try to explain.

In the meantime, interesting reading for starters:

http://www.ralphb.net/IPSubnet/

Advise.
0
 
redbnaAuthor Commented:
Thanks, it does help a bit.. I guess what I'm looking for and needing is a little more explicit information as I'm pretty new to the subnet setups and such :)
0
 
redbnaAuthor Commented:
sorry for the repeat statement, not sure how that got there 'cept i reloaded the page.  Reading the link right now.

Thanks
0
 
Flash828Commented:
Here is the scenario:

  * Nexland is connected to ISP 1 and recieves an IP address from ISP 1 for its external interface

  * Nexland also has a switch either in it or connected to it, which has an internal IP address in the private class C range... im going to assume its 192.168.1.0 with a subnet mask of 255.255.255.0 (a Class C subnet mask for the entire host range).

Now we run into a problem.  Your Nexland router probably only has ONE external interface.  This would prevent you from connect the Nexland router to another ISP for redundancy.  However you CAN connect your netgear router to your second ISP, and have a crossover cable between the two switches.  This would cause two issues however.

  #1) Your netgear router would have an IP address on the internal network on the same range as the other machines (in my example also on 192.168.1.0).  I will give the netgear an IP of 192.168.1.2 for arguments sake, and the Nexland will be 192.168.1.1.  The problem here, is that most windows machines will accept a default gateway and sometimes additional gateways.  However if a gateway fails most versions of windows wont even go to the other gateways specified.  So if your internet connection fails, you will have to change the default gateway on the machines and in some versions of windows require a restart.  This will have failed to meet one or more of your objectives (namely networks being different, and redundant failover).

Since your master router, the Nexland, has only one external interface this makes your objectives impossible (redundant failover, where if one router fails the other will automatically take over).

However if you would like to meet only your secondary objective of isolating two networks (but with only one ISP available without having to switch IP's for the default gateway), then you can have your Nexland router on the 192.168.1.0 network internally, connect machines to it, then connect the external interface of your netgear to the Nexland, and give the netgear network 192.168.2.0, then you would have isolated the network beneath the netgear from the network beneath the nexland.  This would also allow both routers to provide DHCP support for their respective networks (the Nexland will serve 192.168.1.0, and the netgear will serve 192.168.2.0).  What you are looking for is provided by more "high-end" routers, such as Cisco routers.

These solutions, however, are do-able if you have a PC (with Linux preferably) acting as the router for your network.  You can stick in as many ethernet cards as you want in it... in your case three.  One to connect to ISP#1, one to connect to ISP#2, and one to connect to a switch.

Unless someone knows something I dont, I have to conclude that this is not possible with your equipment
0
 
Flash828Commented:
BTW, in either case, since you are using private address space there is no reason to complicate things by subnetting the 192.168.1.0 network.  You can just grab another private class C address space such as anything in the 192.168.xxx.0 range of networks, where 0 < xxx < 254
0
 
redbnaAuthor Commented:
The nexland router does have two external interfaces.  This allows it to do load balancing as well a fail-over switching.

http://www.nexland.com/turbo.cfm

The other information is helpful though
0
 
redbnaAuthor Commented:
I've managed to get the network basically put together as follows.

Segment 0
Router 1 (Nexland)

WAN 1 Input: ISP A (Static IP)
WAN 2 Input: ISP B (DHCP)

LAN ports 1-8 as follows (DHCP) IP: 192.168.0.1 Subnet Mask 255.255.255.0
1: Netgear Router 192.168.0.2
2: Desktop 1 - 192.168.0.3
3: Desktop 2 - 192.168.0.4
4: Wireless Access Point - 192.168.0.5
5: Wireless Laptop 1 - 192.168.0.6
6: Wireless Laptop 2 - 192.168.0.7
7: Wireless Laptop 3 - 192.168.0.8

Segment 1
Router 2 (Netgear RP114)
WAN Input: to Nexland (DHCP)
LAN ports 1-4 as follows (DHCP) IP: 192.168.1.1 Subnet Mask 255.255.255.0
Desktop 1a - 192.168.1.2
Desktop 1b - 192.168.1.3

From either of the desktops on Segment 1 I can talk to the netgear router (ping) no problem.  However am not able to ping the Nexland router on Segment 0.  From any of the computers on Segment 0 I have not problem pinging the Nexland router or the Netgear router.  Both routers are RIP2 compatible however there isn't the option of setting for that on the Nexland router.  The Netgear router gives you the option of RIP-1, RIP-2B, RIP-2M as well as a setting for RIP direction (in only, out only, or both)  I was under the impression that RIP-2 allows the routers to do the necessary traffic routing between the routers without me specifying a routing table.  Am I correct.
Right now it seems that the routers are working correctly but within their segments but are not routing traffic between the segments.
Any suggestions?
0
 
Flash828Commented:
Oh... wow... Okay.  I appologize for that, didn't think that that was the case.  Thought thats why you were going for the other netgear.

In that case, here will be your network topology:

Your Nexland will be connected to both ISP's through its two seperate External Interfaces.  It will aquire a DHCP address (or static address, depending on your ISP), from your ISP.  If it will be on DHCP, the ISP will provide you with no written network information.  If they are static, your ISP will give it to you written.  The internal interfaces will be served via the Nexland's DHCP server, and will likely have an address range of 192.168.1.0/24 (the /24 means it will have 24 bits of a binary 1 mask... which is 255... so three fields of 255's (each field is one byte=8 bits).

Connect the netgear's external interface to a port on the Nexland.  Set the netgear to aquire an IP via DHCP... eg the DHCP server of your Nexland will serve the netgear an external IP of 192.168.1.x where x is a number in the range of your DHCP settings (most ussually start at 100, but this is configurable).

Change your netgear's internal DHCP server to serve IP's in the 192.168.2.0/24 range.  Now you have two seperate networks, 192.168.1.0/24 served to the entire Nexland network, however your Netgear uses this only as its external IP.  Internally, the netgear will be 192.168.2.0/24, thus the network on the inside of the netgear will not be able to natively see the Nexland's network (unless explicity told to... eg. if someone enters in 192.168.1.5, they WOULD be able to access that machine, however they wont see it in network neighborhood because its a different broadcast domain).  However there is one more step to ensure proper operation.

In the static routing settings for your Nexland, you should tell it that 192.168.2.0/24 should be routed via an internal interface, however if you dont do this it probably will still route correctly, depending on what kind of dynamic routing is supported by both routers.
0
 
Flash828Commented:
Wow you beat me on that.
0
 
Flash828Commented:
You should also configure the netgear to be a router, not a gateway.  This will drop the firewall capabilities on it since they are not needed.
0
 
Flash828Commented:
the firewall might be whats causing the traffic to appear to not route.  Remember the WAN interface is by default firewalled.
0
 
redbnaAuthor Commented:
hmmm...

was sort of trying to keep the firewall intact because I don't want segment 0 computers to be able to access segment 1 computers.

hey, on the bright side... i'm learning a lot more about networks :)

0
 
redbnaAuthor Commented:
Got it to work somehow... Can now ping an internet site as well as computers from segment 0 including nexland router from a workstation within segment 1.  Haven't resolved DNS issues yet.  Do I use the same dns server address (one provided by ISP) as i did with the nexland?

Thanks for all the help so far!
0
 
Flash828Commented:
The netgear will pick it up from the DHCP server on the Nexland.... and then distribute it to it's DHCP clients
0
 
Netman66Commented:
You must supply the same DNS settings in the Netgear as is supplied by the Nexland - this doesn't flow through.  So you'll have to bang them in to Netgear's DHCP settings.  I assume they will be the ISP's DNS.

With respect to the ping issue from Netgear LAN - I would imagine the ping gets to destination, but is blocked coming back by the Netgear.  There's likely a setting for "block WAN requests"  - you can safely turn off all the firewalling features of this router because it's internal to you network and protected by the Nexland and perhaps a firewall (if that's what you have).

0
 
redbnaAuthor Commented:
Thanks for all the help guys.  The link to IPs and Subnets got me going in the right direction.  Decided to go with the simplier way of doing it though.

Still haven't figured out why the netgear router won't pick up dns info.  Entered dns info into it's setup (same dns infor as on nexland) and it still isn't working.  Can ping w/out any problems just can't get addresses.

Started using a laptop for testing purposes as to reduce variables.  Laptop works fine on segment 0, pings fine on segment 1, but can't get dns info on segment 1.

I might try and open a new question regarding this specific issue.  Also, here's another couple of good sites for IP info, helped me a lot.

http://www.ipprimer.com/overview.cfm

http://www.sangoma.com/fguide.htm
0
 
redbnaAuthor Commented:
Not sure exactly what happened but had had the netgear unplugged for a day, plugged it back in, did NOT make any changes and for no explained reason, I'm now getting dns.  WEB surfing works fine.  Nuff said.... Anyway, once again thanks for all the information and suggestions.  It really helped.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 9
  • 7
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now