MoonLive
asked on
Super Subnet Configuration?
All experts, I have remote site with multiple vlans connected by site to site VPN. there ip address range start 10.0.8.0 / 255.255.252.0 and some of department has 10.0.28.0, 10.0.29.0, 10.0.30.0 / 255.255.255.0. How do i combine these networks and route them by simple route statement use on vpn? I currently set to all vlan networks mapped and working but I would like to have simple statement such as following
10.0.0.0 255.255.0.0 to 10.0.28.0, 10.0.29.0, 10.0.30.0 / 255.255.255.0 and 10.0.8.0 / 255.255.252.0
I hope it makes sense. I believe supernet was how it configured it. I open to your advise Thank you!
10.0.0.0 255.255.0.0 to 10.0.28.0, 10.0.29.0, 10.0.30.0 / 255.255.255.0 and 10.0.8.0 / 255.255.252.0
I hope it makes sense. I believe supernet was how it configured it. I open to your advise Thank you!
ASKER
is it possible to use following if I change to same subnet range?
10.0.28 - 30.x / 255.255.255.0 and 10.0.8.0 / 255.255.255.0 can be route by 10.0.0.0 / 255.255.255.0?
for example. 10.0.0.0 255.255.255.0 10.0.8.1
Thanks
10.0.28 - 30.x / 255.255.255.0 and 10.0.8.0 / 255.255.255.0 can be route by 10.0.0.0 / 255.255.255.0?
for example. 10.0.0.0 255.255.255.0 10.0.8.1
Thanks
Not if I understand what you're asking correctly. No.
10.0.0.0 with a 24-bit mask (255.255.255.0) means the 10.0.0.0 network (i.e. 10.0.0.1 - 10.0.0.254 effective host addresses). With a 24-bit mask on that subnet, you wouldn't be able to see 10.0.8.0 at all.
Let's back this up a couple of steps.
Based on your last question, it sounds like you don't really have other networks in between. You just want a single line that would allow you to route all the desired subnets through. But you don't really care about allowing other subnets through because they probably don't exist - is that right? In other words, you want to allow 10.0.8-11.x through, and you want to allow 10.0.28-30.x through. But you may not really be concerned about whether you allow 10.0.22.x or 10.0.31.x through, because they don't actually exist in your network. Would that be a fair assumption? Or do those other networks exist, and you're actually trying to limit which networks can be routed through the VPN?
10.0.0.0 with a 24-bit mask (255.255.255.0) means the 10.0.0.0 network (i.e. 10.0.0.1 - 10.0.0.254 effective host addresses). With a 24-bit mask on that subnet, you wouldn't be able to see 10.0.8.0 at all.
Let's back this up a couple of steps.
Based on your last question, it sounds like you don't really have other networks in between. You just want a single line that would allow you to route all the desired subnets through. But you don't really care about allowing other subnets through because they probably don't exist - is that right? In other words, you want to allow 10.0.8-11.x through, and you want to allow 10.0.28-30.x through. But you may not really be concerned about whether you allow 10.0.22.x or 10.0.31.x through, because they don't actually exist in your network. Would that be a fair assumption? Or do those other networks exist, and you're actually trying to limit which networks can be routed through the VPN?
Actually, I just reread your original question, and it might make the most sense to describe what the network looks like (or draw it and add a diagram.) Because while I'm giving you the right subnet advice, that may not mean that it will help you with the VPN.
What networks are on each side of the VPN?
What networks are on each side of the VPN?
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
So you have a choice to make:
Those are really your choices. So ask yourself: How important is it that I allow only those specific networks to get through? Because that's going to answer your question.