Gaz wrote: > > In article , > [EMAIL PROTECTED] says... > > Hello, > > > > I was just reading this document,from the following link > > http://www.cisco.com/warp/customer/110/8.html I have attached > the Pdf file > > of the same for your convinence :-). > > > > > > now coming to my doubt. > > > > If i have a network say like 192.5.2.0/24 inside the pix > (connecting to > > internet) Does it mean that all the sites with 192.5.2.0/24 > would not be > > accessible to the inside network ??
Yes. You can't use someone else's network address in your inside network and still get to that someone else's network! :-) When your devices try to reach 192.5.2.x, they will do a logical AND with the subnet mask and see that the result is the same as when they do a logical AND with the subnet mask and their own address. Hence the destination is local. So they send an ARP broadcast. They get a response from a local device or no response if the address doesn't exist locally. Actually, there are probably workarounds to this. It's not such a silly requirement. In the past people did tend to make up network numbers that actually belonged to someone else, so there is a need to get this to work. I wouldn't be surprised to learn that there's some kludegey way of getting this to work. It would probably only work for specific outside addresses and only if you haven't assigned those addresses locally. More below.... > > > > thanks and regards, > > Murali > > > snip > > Can I chip in with a question for everyone now? > > If you apply more specific routes to all devices for an address > which > should appear on your local subnet, will it then try the routed > path to > the device. > > eg Machine addressed 100.100.100.100 255.255.255.0 > route add 100.100.100.10 mask 255.255.255.255 [default gateway] This is a host-specific route. Operating systems should understand this and behave correctly. Host-specific routes have been around for a long time, like probably since the birth of IP. They solve various problems. So I tred it on a Windows 98 PC. I added the route and then pinged the device specified in the addition. The PC ARPed for the default gateway and then sent the ping to the default gateway, even though the device is really local. The default gateway sent the packet back out the same Ethernet and the local machine replied directly to my PC. I would have expected a redirct from the router too, but I didn't see one. Now, is this behavior specific to the host-specific route? I wonder if I do something like: route add 100.100.100.2 255.255.255.0 default gateway Hmmmmmm Oh, Windows 98 won't let me do that! ;-) It will only let me add a host-specific route. Makes sense I guess. And then it does behave correctly when I add a host-speciif route (e.g., it does what the route tells it to do.) _______________________________ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > > Not that you'd want to do it, but just wondering. > > > Cheers, > > Gaz > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=56415&t=56347 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]