?
Solved

Setting up a sub-network....? HELP!?!

Posted on 2003-03-10
20
Medium Priority
?
257 Views
Last Modified: 2010-08-05
I have what is probably a pretty basic networking question but I'm a novice in that department, so here goes.

Current setup:
I have a Nexland ISB Pro800 Turbo connected to a broadband connection.  Connected to the Nexland Router is two Desktop machines, an wireless access point, and three laptops (give or take) connecting through the access point.

The Nexland Router is set up as a DHCP server and has a static IP from the ISP.

I want to set up sub-network within this current network by adding a Netgear router and two computers (hooked to the netgear).  The Netgear router would be set up as a DHCP server, or am I able to do this.

To top it off, I want to add a second broadband connection to the Nexland router which would be a DHCP connection.  The two networks MUST not be able to see each other but be able to share the two broadband connections.

The reason I'm doing this is because we wish to create some internet redundancy (the ISPs are different companies with unique backbones) as well as increase performance.

I'm not sure about how to go through the setup.  Are there any good websites or books that you could suggest to give me more information on this subject.  I've read the manual for the Nexland router front-to-back quite a few times but still haven't gotten the whole idea.  Any help would be greatly appreciated!

Thanks,
Nathan
0
Comment
Question by:redbna
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 7
  • 3
  • +1
20 Comments
 
LVL 6

Expert Comment

by:night_monkey
ID: 8107831
i'm just listening in here... =)
0
 
LVL 51

Expert Comment

by:Netman66
ID: 8108151
Well......

You can use a Netgear or Linksys router hanging off the Nexland - yes.

You configure the Netgear or Linksys to use DHCP on it's WAN interface which in turn you connect to the Nexland LAN.  This gets one connection done.

Now, within the Netgear or Linksys routers realm you can configure it as a DHCP server and whatever is connected to it will be serviced by it.  As long as you are using properly subnetted networks the two LANs should not be able to see each other but the aggregate connection from the Nexland should be transparent to all workstations.

The Nexland will require another DSL interface and must be properly configure to either load balance the connections or use one as a fall-back route (higher metric).

This is just a mile-high look at it, but it is possible to get working.

Hope this helps.
0
 

Author Comment

by:redbna
ID: 8108242
Thanks, it does help a bit.. I guess what I'm looking for and needing is a little more explicit information as I'm pretty new to the subnet setups and such :)
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 51

Accepted Solution

by:
Netman66 earned 1000 total points
ID: 8108334
OK, what is your private address space off the Nexland (with the subnet mask)?

I will try to explain.

In the meantime, interesting reading for starters:

http://www.ralphb.net/IPSubnet/

Advise.
0
 

Author Comment

by:redbna
ID: 8108674
Thanks, it does help a bit.. I guess what I'm looking for and needing is a little more explicit information as I'm pretty new to the subnet setups and such :)
0
 

Author Comment

by:redbna
ID: 8108683
sorry for the repeat statement, not sure how that got there 'cept i reloaded the page.  Reading the link right now.

Thanks
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8110778
Here is the scenario:

  * Nexland is connected to ISP 1 and recieves an IP address from ISP 1 for its external interface

  * Nexland also has a switch either in it or connected to it, which has an internal IP address in the private class C range... im going to assume its 192.168.1.0 with a subnet mask of 255.255.255.0 (a Class C subnet mask for the entire host range).

Now we run into a problem.  Your Nexland router probably only has ONE external interface.  This would prevent you from connect the Nexland router to another ISP for redundancy.  However you CAN connect your netgear router to your second ISP, and have a crossover cable between the two switches.  This would cause two issues however.

  #1) Your netgear router would have an IP address on the internal network on the same range as the other machines (in my example also on 192.168.1.0).  I will give the netgear an IP of 192.168.1.2 for arguments sake, and the Nexland will be 192.168.1.1.  The problem here, is that most windows machines will accept a default gateway and sometimes additional gateways.  However if a gateway fails most versions of windows wont even go to the other gateways specified.  So if your internet connection fails, you will have to change the default gateway on the machines and in some versions of windows require a restart.  This will have failed to meet one or more of your objectives (namely networks being different, and redundant failover).

Since your master router, the Nexland, has only one external interface this makes your objectives impossible (redundant failover, where if one router fails the other will automatically take over).

However if you would like to meet only your secondary objective of isolating two networks (but with only one ISP available without having to switch IP's for the default gateway), then you can have your Nexland router on the 192.168.1.0 network internally, connect machines to it, then connect the external interface of your netgear to the Nexland, and give the netgear network 192.168.2.0, then you would have isolated the network beneath the netgear from the network beneath the nexland.  This would also allow both routers to provide DHCP support for their respective networks (the Nexland will serve 192.168.1.0, and the netgear will serve 192.168.2.0).  What you are looking for is provided by more "high-end" routers, such as Cisco routers.

These solutions, however, are do-able if you have a PC (with Linux preferably) acting as the router for your network.  You can stick in as many ethernet cards as you want in it... in your case three.  One to connect to ISP#1, one to connect to ISP#2, and one to connect to a switch.

Unless someone knows something I dont, I have to conclude that this is not possible with your equipment
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8110793
BTW, in either case, since you are using private address space there is no reason to complicate things by subnetting the 192.168.1.0 network.  You can just grab another private class C address space such as anything in the 192.168.xxx.0 range of networks, where 0 < xxx < 254
0
 

Author Comment

by:redbna
ID: 8112326
The nexland router does have two external interfaces.  This allows it to do load balancing as well a fail-over switching.

http://www.nexland.com/turbo.cfm

The other information is helpful though
0
 

Author Comment

by:redbna
ID: 8115488
I've managed to get the network basically put together as follows.

Segment 0
Router 1 (Nexland)

WAN 1 Input: ISP A (Static IP)
WAN 2 Input: ISP B (DHCP)

LAN ports 1-8 as follows (DHCP) IP: 192.168.0.1 Subnet Mask 255.255.255.0
1: Netgear Router 192.168.0.2
2: Desktop 1 - 192.168.0.3
3: Desktop 2 - 192.168.0.4
4: Wireless Access Point - 192.168.0.5
5: Wireless Laptop 1 - 192.168.0.6
6: Wireless Laptop 2 - 192.168.0.7
7: Wireless Laptop 3 - 192.168.0.8

Segment 1
Router 2 (Netgear RP114)
WAN Input: to Nexland (DHCP)
LAN ports 1-4 as follows (DHCP) IP: 192.168.1.1 Subnet Mask 255.255.255.0
Desktop 1a - 192.168.1.2
Desktop 1b - 192.168.1.3

From either of the desktops on Segment 1 I can talk to the netgear router (ping) no problem.  However am not able to ping the Nexland router on Segment 0.  From any of the computers on Segment 0 I have not problem pinging the Nexland router or the Netgear router.  Both routers are RIP2 compatible however there isn't the option of setting for that on the Nexland router.  The Netgear router gives you the option of RIP-1, RIP-2B, RIP-2M as well as a setting for RIP direction (in only, out only, or both)  I was under the impression that RIP-2 allows the routers to do the necessary traffic routing between the routers without me specifying a routing table.  Am I correct.
Right now it seems that the routers are working correctly but within their segments but are not routing traffic between the segments.
Any suggestions?
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8115502
Oh... wow... Okay.  I appologize for that, didn't think that that was the case.  Thought thats why you were going for the other netgear.

In that case, here will be your network topology:

Your Nexland will be connected to both ISP's through its two seperate External Interfaces.  It will aquire a DHCP address (or static address, depending on your ISP), from your ISP.  If it will be on DHCP, the ISP will provide you with no written network information.  If they are static, your ISP will give it to you written.  The internal interfaces will be served via the Nexland's DHCP server, and will likely have an address range of 192.168.1.0/24 (the /24 means it will have 24 bits of a binary 1 mask... which is 255... so three fields of 255's (each field is one byte=8 bits).

Connect the netgear's external interface to a port on the Nexland.  Set the netgear to aquire an IP via DHCP... eg the DHCP server of your Nexland will serve the netgear an external IP of 192.168.1.x where x is a number in the range of your DHCP settings (most ussually start at 100, but this is configurable).

Change your netgear's internal DHCP server to serve IP's in the 192.168.2.0/24 range.  Now you have two seperate networks, 192.168.1.0/24 served to the entire Nexland network, however your Netgear uses this only as its external IP.  Internally, the netgear will be 192.168.2.0/24, thus the network on the inside of the netgear will not be able to natively see the Nexland's network (unless explicity told to... eg. if someone enters in 192.168.1.5, they WOULD be able to access that machine, however they wont see it in network neighborhood because its a different broadcast domain).  However there is one more step to ensure proper operation.

In the static routing settings for your Nexland, you should tell it that 192.168.2.0/24 should be routed via an internal interface, however if you dont do this it probably will still route correctly, depending on what kind of dynamic routing is supported by both routers.
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8115512
Wow you beat me on that.
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8115526
You should also configure the netgear to be a router, not a gateway.  This will drop the firewall capabilities on it since they are not needed.
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8115528
the firewall might be whats causing the traffic to appear to not route.  Remember the WAN interface is by default firewalled.
0
 

Author Comment

by:redbna
ID: 8115720
hmmm...

was sort of trying to keep the firewall intact because I don't want segment 0 computers to be able to access segment 1 computers.

hey, on the bright side... i'm learning a lot more about networks :)

0
 

Author Comment

by:redbna
ID: 8115929
Got it to work somehow... Can now ping an internet site as well as computers from segment 0 including nexland router from a workstation within segment 1.  Haven't resolved DNS issues yet.  Do I use the same dns server address (one provided by ISP) as i did with the nexland?

Thanks for all the help so far!
0
 
LVL 3

Expert Comment

by:Flash828
ID: 8116421
The netgear will pick it up from the DHCP server on the Nexland.... and then distribute it to it's DHCP clients
0
 
LVL 51

Expert Comment

by:Netman66
ID: 8116458
You must supply the same DNS settings in the Netgear as is supplied by the Nexland - this doesn't flow through.  So you'll have to bang them in to Netgear's DHCP settings.  I assume they will be the ISP's DNS.

With respect to the ping issue from Netgear LAN - I would imagine the ping gets to destination, but is blocked coming back by the Netgear.  There's likely a setting for "block WAN requests"  - you can safely turn off all the firewalling features of this router because it's internal to you network and protected by the Nexland and perhaps a firewall (if that's what you have).

0
 

Author Comment

by:redbna
ID: 8131433
Thanks for all the help guys.  The link to IPs and Subnets got me going in the right direction.  Decided to go with the simplier way of doing it though.

Still haven't figured out why the netgear router won't pick up dns info.  Entered dns info into it's setup (same dns infor as on nexland) and it still isn't working.  Can ping w/out any problems just can't get addresses.

Started using a laptop for testing purposes as to reduce variables.  Laptop works fine on segment 0, pings fine on segment 1, but can't get dns info on segment 1.

I might try and open a new question regarding this specific issue.  Also, here's another couple of good sites for IP info, helped me a lot.

http://www.ipprimer.com/overview.cfm

http://www.sangoma.com/fguide.htm
0
 

Author Comment

by:redbna
ID: 8132449
Not sure exactly what happened but had had the netgear unplugged for a day, plugged it back in, did NOT make any changes and for no explained reason, I'm now getting dns.  WEB surfing works fine.  Nuff said.... Anyway, once again thanks for all the information and suggestions.  It really helped.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses
Course of the Month12 days, 4 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question