-
June 30th, 2007, 09:22 AM
#1
Odd TCP/IP Subnets
Hey all,
I think i got the right forum as its not really security related
Situation; Windows 2003 SBS Domain environment w/ x number of clients.
AFIK the most commonly used IP configuration is 192.168.0.0 or 1.0 / 255.255.255.0
Can someone give the quick rundown as to why this is or the reason for its high useage.
My question is; Is it possible to cause problems with the network by having an unusual subnet config. Take these for example;
10.10.0.0 / 255.0.0.0 <--- Fairly normal IMO
what if
10.10.0.0 / 255.255.255.0 <--- what would this change impact and are there other odd configurations that could do the same.
Any good links would be great including "Daryl's TCP/IP Primer" wherever that may be found
Thanks peeps
CTO
"Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
- Albert Einstein
-
June 30th, 2007, 10:40 AM
#2
Can someone give the quick rundown as to why this is or the reason for its high useage.
lazy admins.
what would this change impact and are there other odd configurations that could do the same.
limit the number of available addresses.
I am sorry, I do not think I could explain this in my current condition ( drunk AND frustrated attempting to fix my son's Vista machine! )
But I think you do not understand what a netmask is.
It is basically a very simple concept, but very difficult to get your head around at first.
I would suggest you google ( yea, I know ... ) the terms
"subnet mask"
and
"subnetmask"
There used to be a few threads discussing this a few years back right here; maybe also search the achieves?
Or maybe someone else could explain it better, but I think you need to study up and refine your question a bit ( at least for me with one eye open and cursing at this damn computer. )
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
June 30th, 2007, 01:18 PM
#3
AFIK the most commonly used IP configuration is 192.168.0.0 or 1.0 / 255.255.255.0
Can someone give the quick rundown as to why this is or the reason for its high useage.
It is a popular subnet with small businesses as most home/small business networking equipment comes pre-set with this IP range - as there are a lot more small businesses than large ones obviously there will be more smaller networks. Also small businesses may not have an IT department or even a decent system/network admin hence in ignorance they leave most things at default settings.
10.10.0.0 / 255.0.0.0 <--- Fairly normal IMO
what if
10.10.0.0 / 255.255.255.0 <--- what would this change impact and are there other odd configurations that could do the same.
With the later /24 mask you would be limiting yourself to 254 usable IP addresses for that subnet.
I think you are trying to ask why use a 192.168.0.0/24 range over a 10.0.0.0/8 range?
One of the main reasons is VPN configurations - say you needed to set up a site-to-site VPN with another customer, chances are they may already have a VPN to another customer using the 192.168.0.0 range, as it is so common (more common than you would think in SME networks). If they already have a VPN with this IP in use then you would have to re-address or segment your LAN to set up a usable VPN.
By using a random subnet you reduce the chance of IP conflicts with other networks; 192.168.171.0/24 for example is not common and would more than likely be free if you needed to set up a VPN. It still allows the same amount of IP addresses as the 192.168.0.0/24 subnet so manageability is the same, it just stands up well for any future compatibility problems you may encounter.
Another reason is manageability - managing a 10.0.0.0/8 subnet can be pretty horrendous once you start adding other subnets, VLAN's, VPN's etc.
By breaking it down into smaller subnets it becomes a much more manageable network and would lead to fewer 'networking' problems.
Last edited by Nokia; July 2nd, 2007 at 04:18 PM.
-
July 2nd, 2007, 03:41 PM
#4
CIDR notation, Network Mask, Available Networks, Available Hosts per network, Total usable hosts
/24 255.255.255.0 1 254 254
/25 255.255.255.128 2 126 252
/26 255.255.255.192 4 62 248
/27 255.255.255.224 8 30 240
/28 255.255.255.240 16 14 224
/29 255.255.255.248 32 6 192
/30 255.255.255.252 64 2 128
/31 255.255.255.254 128 2 * 256
^^ Stolen from wikipedia http://en.wikipedia.org/wiki/Subnetwork
also look at http://www.3com.com/other/pdfs/infra..._US/501302.pdf
-
July 2nd, 2007, 03:50 PM
#5
Find a book called TCP/IP Illustrated, nice chapter in there covering the different classes of network addresses.
-
July 2nd, 2007, 06:19 PM
#6
As most people have said, wrapping your head around this concept can be tricky at first, but once you understand, I strongly believe you will have a much much larger understanding of how TCP/IP addressing works.
As some have said, it might not seem like a big deal with a small company with a few PC's, but when you get into a large company with multiple remote offices, or work for a ISP, it becomes one of the main things that you will deal with on a day by day basis as servers are added, or new IP ranges are added for customers / servers.
-
July 3rd, 2007, 01:03 PM
#7
Originally Posted by CybertecOne
Can someone give the quick rundown as to why this is or the reason for its high useage.
Really quick answer: RFC-1918
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 3rd, 2007, 03:22 PM
#8
My actual question was:
Is it possible to cause problems with the network by having an unusual subnet config.
And from your answers any setup is fine, and wont cause problems like slow traffic and routing. I guess if i reworded the question, it would sound more like;
Does a 192.168.0.0 network have more throughput than any other config.
-------------------------------------------------------------------------
BTW, this all came about after setting up a domain with 10.10.0.0/24 and after having issues with net speed he said that the subnetting might be causing the issue and that a 10.10.0.0 network is usually 255.0.0.0 sooo....... is there anything to his claim?
Thanks guys!
CTO
"Any intelligent fool can make things bigger and more complex... It takes a touch of genius --- and a lot of courage to move in the opposite direction."
- Albert Einstein
-
July 3rd, 2007, 04:12 PM
#9
Originally Posted by CybertecOne
Does a 192.168.0.0 network have more throughput than any other config.
Nope.
BTW, this all came about after setting up a domain with 10.10.0.0/24 and after having issues with net speed he said that the subnetting might be causing the issue and that a 10.10.0.0 network is usually 255.0.0.0 sooo....... is there anything to his claim?
No, it's BS. The only reason subnetting could be an issue is when the routing on your network is screwed up. If setup properly, any subnet will perform just like any other.
The other way around could be a performance issue, having a 10.0.0.0/8 network and way to many hosts on it ( i.e. >1000). Performance will degrade because of the amount of broadcasts and hosts trying to send data at the same time. To boost performance networks tend to be subnetted to keep the number of hosts on the same broadcast domain (another term for subnet) below a certain level.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
July 3rd, 2007, 08:20 PM
#10
Hes talking through his arse.
The default subnet mask for a class A network i.e. 10.0.0.0 is 255.0.0.0, thats where hes got that from.
This default subnet mask can be changed to another mask depending on how many subnets you require vs how many hosts you require in each subnet.
Similar Threads
-
By guardian alpha in forum The Security Tutorials Forum
Replies: 10
Last Post: February 25th, 2005, 12:34 AM
-
By SDK in forum The Security Tutorials Forum
Replies: 0
Last Post: February 17th, 2005, 04:54 PM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By invader in forum AntiOnline's General Chit Chat
Replies: 7
Last Post: January 22nd, 2003, 02:29 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|