Subnetting multiplr Class-C Netwroks for Security
Posted on 2009-04-13
We currently sell bandwidth/ IP ranges to clients in our collocation. This network was setup before I was with the company, and currently we are not using any kind of sub-netting. We have 3 class C IP ranges that are publicly routable, and IP addresses are just being handed out as needed. The problem has started to arise that people are "borrowing" IP addresses that they did not pay for, and belong to other clients. Since all blocks of IP's go out the default gateway of x.x.x.1 and have the default /24 mask there is not really any way of stopping this.
We have 3 switches that the clients connect to and then the main switch (3Com 4500) is connected to the uplink from our provider. I was going to create VLANs and VLAN-interfaces for each client, but the main switch only supports 10 VLAN-interfaces and we have 20 clients and growing. I am currently planning to stick a 3Com 5012 router in between our switch and the service providers, and then create sub-interfaces for each subnets gateway.
I was wondering how creating the subnets is handled in a situation like this? We are currently dealing with about 20 clients (all needing their own subnets) and 750 IP addresses.
Also, will it work to create the sub-interfaces on the router for each client or do I need to setup any type of specific routing protocol?
I will be extremely grateful for any help on this! Thank you!