Derek Wueppelmann wrote:
>
> > You missed his point of having the NIC on the "inside" in
> > a different subnet than that of the NIC on the "outside".
> >
> > But let me ask first: isn't the IP on the ISP's side one
> > out of the ISP's net? Or are you allocating one of your
> > IP to your ISP's router?

Have you considered this question? It really _is_ a key point.

> If you could point me to a good resource on subnetting that
> would be very helpful.

Subnetting is included in these:

http://www.linuxdoc.org/HOWTO/Networking-Overview-HOWTO.html
http://www.linuxdoc.org/HOWTO/Net-HOWTO.html
http://www.linuxdoc.org/HOWTO/NET3-4-HOWTO.html

but I think it would be helpful for me to make a summary or expansion, however it may be...

> I tried to create a subnet, it didn't seem to work, however
> I don't think I created it correctly. What I've read has so
> far gone completely over my head, I am just picking up a few
> of the small details of subnetting but not actually enough
> to create one using the tools "route" and "ifconfig", etc.
> thanks again.

Subnetting is a routing aid, to "break" up an Internet-classed network into smaller networks. The Internet has three size classes of networks, A, B & C. The A networks have addresses like AA.0.0.0, with 1048574 (1048576 - 2) hosts, B class networks have addresses like AA.BB.0.0, with 65534 (65536 - 2) hosts, and C class networks have addresses like AA.BB.CC.0, with 254 (256 - 2) hosts. Host addresses of all ones and of all zeros (binary) are not supposed to be used, since these mean "broadcast" (to all the hosts) and "the network", hence the "- 2"'s above. The class of network is determined by the first few (most significant) bits.

The networking drivers of a host know how to send packets to another host on the same network, based on the address of the interface connecting the host to that network. In the case of a destination _not_ on the same network, the host must send the packets to a router to get it to the intended destination. For each possible destination network, the network drivers will consult routing information to find a router that should get the packets there. As a last resort, a _default_ router could be designated, which is supposed to know how to get packets to any arbitrary network.

Subnetting is a scheme to break up networks, for various reasons, including isolation, by extending the number of bits used to identify the network portion of an address, by "robbing" them from the host portion of the address. The number of bits robbed is completely arbitrary, but in any subnetwork, there are always two host addresses that should not be used: all zeros, and all ones. Hence a network that was uniformly subnetted all the way down to only two bits of host address would have half of the total address space within the overall network unusable for hosts.

The network portion of an address can be identified by the netmask, expressed in all ones in binary, usually translated to decimal or hexadecimal, from the most significant bit, to the least significant used bit of the complete address. Hence the netmask for a class A address is 11111111.0.0.0=FF.0.0.0=255.0.0.0, class B has 11111111.11111111.0.0=FF.FF.0.0=255.255.0.0, and class C has 11111111.11111111.11111111.0=FF.FF.FF.0=255.255.255.0. These netmasks are implied by the class of address, and therefore, do not usually need to be specified in interface address settings or routing information settings.

Netmasks are also often symbolized by something like A.B.C.0/N, where N is the number of bits of netmasking. Subnetting effectively ignores Internet classes, and therefore requires explicit netmasking specification.

For an example of subnetting, a given class C might be broken into four subnets: A.B.C.0, A.B.C.64, A.B.C.128, and A.B.C.192. In binary: A.B.C.00000000, A.B.C.01000000, A.B.C.10000000, & A.B.C.11000000. In each of these subnets, there could be up to 62 hosts. The netmasks for these are 255.255.255.192.

Subnetting doesn't require that each subnet be equal. Remember, the number of bits extending the Internet-class network address are arbitrary.
The above network might be subnetted into nets A.B.C.0, A.B.C.8, each masked 255.255.255.248, having up to 6 hosts each, net A.B.C.16, masked at 255.255.255.240, having up to 14 hosts, nets A.B.C.32, A.B.C.64, and A.B.C.96, each masked 255.255.255.224, having up to 30 hosts and a net A.B.C.128, masked 255.255.255.128, having up to 126 hosts.

There can even be subnets of subnets. For a given host, if there are sub-subnets, the netmasking with the most bits ought to be tested first against the destination address to ensure that packets get sent to the appropriate router.

It _really_ helps to use binary to figure the netmasking:

255.128.0.0     = 11111111.10000000.0.0, hosts 0.0.1 - 127.255.254
255.192.0.0     = 11111111.11000000.0.0, hosts 0.0.1 - 63.255.254
255.224.0.0     = 11111111.11100000.0.0, hosts 0.0.1 - 31.255.254
255.240.0.0     = 11111111.11110000.0.0, hosts 0.0.1 - 15.255.254
  .
  .   [henceforth using hexadecimal for all-1 octets]
  .
255.255.255.248 = FF.FF.FF.11111000, hosts 1 - 6
255.255.255.252 = FF.FF.FF.11111100, hosts 1,2
255.255.255.254 = FF.FF.FF.11111110, no hosts, really
255.255.255.255 = FF.FF.FF.FF, no hosts, really

The last two are only usable on host-to-host connections, with the same address on both ends.
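
Added example, not part of the original message: the unequal subnet plan and the "most bits first" rule from the message, worked with Python's standard `ipaddress` module. It assumes 192.0.2.0/24 as a stand-in for A.B.C.0; the routing table and router names are hypothetical.

```python
import ipaddress

# Constructed stand-in for the message's class C "A.B.C.0".
BASE = ipaddress.ip_network("192.0.2.0/24")
# The unequal plan from the message: (last octet, dotted netmask).
PLAN = [(0, "255.255.255.248"), (8, "255.255.255.248"),
        (16, "255.255.255.240"), (32, "255.255.255.224"),
        (64, "255.255.255.224"), (96, "255.255.255.224"),
        (128, "255.255.255.128")]
# Constructed routes: a subnet, a sub-subnet inside it, and a default.
# Router names are hypothetical.
ROUTES = [(ipaddress.ip_network("0.0.0.0/0"), "default-router"),
          (ipaddress.ip_network("192.0.2.128/25"), "router-a"),
          (ipaddress.ip_network("192.0.2.192/26"), "router-b")]

def build_plan(base=BASE, plan=PLAN):
    """Turn (offset, netmask) pairs into networks, rejecting bad plans."""
    nets = []
    for offset, mask in plan:
        # Strict parsing raises ValueError when host bits are set, i.e.
        # the subnet does not start on a boundary of its own size.
        net = ipaddress.ip_network(f"{base.network_address + offset}/{mask}")
        if not net.subnet_of(base):
            raise ValueError(f"{net} is outside {base}")
        for other in nets:
            if net.overlaps(other):
                raise ValueError(f"{net} overlaps {other}")
        nets.append(net)
    return nets

def usable_hosts(net):
    """Addresses left after dropping all-zeros and all-ones."""
    return net.num_addresses - 2

def pick_route(dest, routes=ROUTES):
    """Test the mask with the most bits first (longest-prefix match)."""
    addr = ipaddress.ip_address(dest)
    for net, via in sorted(routes, key=lambda r: r[0].prefixlen, reverse=True):
        if addr in net:
            return via
    return None

if __name__ == "__main__":
    for net in build_plan():
        print(net.network_address, net.netmask, f"/{net.prefixlen}", usable_hosts(net), "hosts")
    for dest in ("192.0.2.200", "192.0.2.130", "198.51.100.7"):
        print(dest, "->", pick_route(dest))
```

A plan entry that starts off its own boundary (for example offset 8 with mask 255.255.255.240) or that overlaps an earlier subnet is rejected with `ValueError` instead of silently producing ambiguous routing.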