Routing Question

Hello, hope someone can help.
Manage a corporate network.
5 subnets all sitting behind a firewall with ranges:
10.1.1.x - 10.5.1.x

default route out of the firewall is through the public IP address assigned to one of the port on the firewall onto the internet. All working fine, except now we have connected into a larger WAN that staff on our five subnets need to access from their own desktops.
The problem lies in that the sites (over 1500+) in the WAN also all begin
10.x.x.x, at the moment I have added in a few static routes at the firewall to direct the traffic destined for that domain out though the appropriate port in the firewall

ie route add -p 10.123.0.0 mask=255.255.0.0 192.138.12.4

But - I don't want to have to do this 253 times (also dont want to have to readdress our own domain) is there any clever way I can mask out our internal ranges and direct all traffic destined for the WAN through the correct port with one routing statement?
thanks in advance.
Suzy
LVL 1
suzyreidAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
qwaleteeCommented:
You'll need a few, but you shoudl be able to come up with some masks taht effecively create partial B subnets.
0
 
suzyreidAuthor Commented:
Hi
What sort of masks should I be using? Trying to avoid having too many static routes which will kill my firewall performance...
thanks
0
 
Robing66066Commented:
These should do it.

10.6.0.0 /15
10.8.0.0 /13
10.16.0.0 /12
10.32.0.0 /11
10.64.0.0 /10
10.128.0.0 /9
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
qwaleteeCommented:
That will cover all except 10.0.*.*.  Add 10.0.0.0/8 with a higher routing cost than your local interfaces.
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
 
suzyreidAuthor Commented:
If I use a 10.0.0.0/8 route - this will obviously cover everyhting - but will it cause problems with the routes I already have in?
If I have specific routes in, will be used before the general 10.0.0.0/8 ?
0
 
qwaleteeCommented:
Depends on the cost paraneter for the routing table entry.  Default metrics are usually 1, but you can specify a specific metric.  E.g., if you put in all your local routes as cost 1, static routes as 2, and 10.0.0.0/8 as 3, it will consider the "generic" class A 10 network last.

Most routers also are smart within a metric, trying more specific masks first, but I don't know if all do that.  If your does, then you would likely not have to worry at all, because the class A mask is going to get considered last anyway.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.