IP addressing

I am drawing a network diagram it has in the final stage a bastion host, then a router that is a gateway for five lans, I have the adress ranges for the lans. Q do I have to give a seperate IP address at the router end for each lan or just one, as you see I am a novice.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Your saying you have a router with 5 networks connecting to it that are the same, as in

Now you want to add a dissimilar network

Is this the jest of it??
kevinoakesAuthor Commented:
No my router now has an IP adress of that is one subnet the lans are 192.168.3./24 and they are on different subnets. I dont need a different network as this is the last router, all i need to know is does the router need one IP address192.168.3.37 or five to communicate with each lan, sorry if I am not very clear but this is my first time.
You need a unique router between each subnet. Not just one router. Otherwise, your not really routing. Still not clear though, when you say the LAST ROUTER.

Sorry for all the frustration, but is the same network as 192.168.3.x/24. Now if it were like this,,,,then you'd have routable networks

192.168.3.x /24 (or - Router's WAN interface


Then, to route traffic from networks 192.168.4 - .7 you'd need either a router between each one, OR a router that you can have 5+ interfaces to connect all these networks TO. Which, in your question would mean YES on separate interfaces for each LAN.

The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

kevinoakesAuthor Commented:
What if I use a switch instead of a router, would this make it any eadsier and would I still need seperate IPs for each lan. Sorry I dont know how to make it any clearer
If your going to set all networks/lans on 192.168.3.x with a 24 bit mask then yes, your dead on with NO router and add a switch. Or even just a hub if money is tight. Switching is better, by all means.

As long as you leave it a 192.168.3.x/24 you don't really even have LAN's. Your just all in the same neighborhood, so to speak. By this I mean if you had 10 users on each of these "Lan's" then you could set one 96 port switch in a room and hook every single computer to the same switch. The question is, are these "LAN's" all local to each other? If not, then you will have to go to router's and some type of backbone network to connect them like either frame realy, or site to site VPN's across the internet.

Hope that helps.
Maybe tell me PHYSICALLY how your comuters are dispersed.
kevinoakesAuthor Commented:
Right here goes my first router that is accesed from the web has external address the internal address is this goes to a bastion host with the bastion uses to connect to my webserver the bastion has 4 NICs you will see why in a moment, to prevent acces to the info servere from outside the bastion connects to server using the server is bastion also connects next  with to the  router connects to the LANs which are on seperate subnets ranges are
1) to  2) to192.168.3.126  and so on which gives 30 hosts for each lan not counting network and broadcast I hope this makes more sense.  also do I need one ore more IP adresses for a switch to connect to the lans
OHHHHH, I got you now. Let's make sure I am clear

bastion host has 4 NICs
NIC#1 and connects to the internal interface of your Internet router
NIC #2 and connects to your web server
NIC #3 and connects to your info server which is
NIC #4 and you want a switch placed between this NIC and the following subnets:

1) - 94
and so on.

If I have it straight you would not need a 5th NIC to put the switch to. Your switch would have all networks plugged into it and the Bastion's NIC #4 above would plug into it as well.

Hope that helps
kevinoakesAuthor Commented:
I know I sound stupid so nic #4 communicates with the switch shouldnt the switch have a nic#5 that communicates with the bastion And #6 that communicates with the lans or am I being thick

You know one thing. When I read this question, I knew exactly how i would have framed the question if i had come to EE few months ago. As a undergraduate student I had exactly the same set of doubts and although I knew my theory, the Tanenbums and the Krozs didnt actually give me practical HOWTOs which I could follow and implement.

FIRST OF: What is a router???

Maybe I am wrong, but a router is a piece of device which is used to connect two different subnets. A repeater connects the same subnets. I will elaborate a bit so that my answer is clear to u. The use of routers, repeaters, etc. etc all lie in the very fundamental way ethernet operates. A subnet is a network where all the participating hosts are assumed to have the same host id. So a subnet refers to the network: where the hosts are numbers - The first addr being unusable because it is the NETWORK ID and the last IP also being unusable because it is the broadcast address. So if a machine wants to send a packet to and both being connected physically using a:
- hub,
- crossover cable,
- FDDI ring, etc.
then the procedure would be as simple as Host A (source) finding out the MAC address associated with the Host B (dest) IP address and the physical layer (meaning the NIC hw) doing the actual delivery.

BUT BUT BUT, what happens if Host A wants to communicate with***. Since it is obviously not in the same subnet, we would send the packet to the default gateway configured for the subnet. All subnets have a gateway (a router for ex.) to be able to communicate with outside world (i.e. subnet.) So the "gateway obviously will lie in the same subnet as the source subnet"**** which is (lets say the router IP addr for this subnet is The packets will reach this router as it would have reached host b (above....). The the router takes over and takes the packets to the required destination (ofcourse this requires the router is appropiately configured and believe me that is another 5000 points question ;) )

Read the above paragraph couple of times and allow the matter to sink in. Now coming to your specific problem:

- NIC 4 has the IP addr and the /24 part dictates that the subnet mask is which
             ====> that the network ID is So any host (node) having a similar network id
and """subnet mask"""" (imp) will be able to communicate with NIC 4 and the router would get the packets.

So what you should do is to connect NIC 4 to a fairly high end switch (since a lot of traffic is going to flow through it) and then connect further swithes to the main switch. Each of these secondary switched will have nodes attached to them with different ranges of IP addresses. Why this setup will work is obvious....? Because, to, to all lie in the same "" subnet, they would all be able to reach the (NIC 4) router addr. So all the machines would be configured with a netmask and would have the default gateway set to No need for any ROUTER between and the subnets. Just a heirarchial network of switches will do FINE.

Config for all subnets:

Default gateway:

Hope this clarified your doubts.


Yes, if your router is to act as an outbound gateway for clients on those subnets, it needs an address on each subnet that can be given out to them to use.

Depending on your topology, these addresses might be on different physical interfaces of the router, on different subinterfaces of a single "trunked" physical interface, or entered as secondary addresses on an interface that connects to a segment with multiple address spaces.  (The last choice isn't recommended, but sometimes its the easiest way to cope with legacy configurations.)


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Hi man,

Please clarify your situation.

kevinoakesAuthor Commented:
I have sorted it out
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.