Without a gateway that exists in both the 10.0.1.0/24 and the 10.0.0.0/23networks, nothing on the 10.0.1.0/24 will be able to hit an address on the 10.0.0.0/24 space.
You do realize that 10.0.0.0/23 overlaps with 10.0.1.0/24 so that the gateway will see 10.0.1.0/24 as part of the larger 0.0/23 supernet locally attached and will simply arp for any 10.0.1.0/24 address. However, hosts with 10.0.1.0/24 addresses will see any address on 10.0.0.0/23 as being on a different subnet and as such will attempt to forward that traffic to their default gateway. If the default gateway isn't in the 10.0.1.0/24, no traffic will be sent, and the packet dropped as unreachable. Joe On Tue, Jan 20, 2009 at 3:18 PM, Cord MacLeod <cordmacl...@gmail.com> wrote: > This is the setup roughly. The gateway is a 3560 switch and has a vlan > defined for that 10net. There is also a static route on the internet > gateway to point everything 10.0.0.0/23 to 10.0.0.2. 10.0.0.2 being > reachable from 10.0.0.1. > > > On Jan 20, 2009, at 1:55 AM, Felix Schueren wrote: > > Cord MacLeod wrote: >> >>> As far as the router id, I went back to basics and looked in my junos >>> cookbook and didn't skip a beat when I first set this up and it didn't >>> work. I just added in all of the steps it suggested, really nothing of >>> consequence. >>> >>> So, 10.0.0.0/24 is the network devices and 10.0.1.0/24 is the machines. >>> That's why I have a /23 on that interface. Funny part is that >>> particular switch with 10.0.0.2 on it locally can hit the internet and >>> 10.0.0.1. No other device can nor can I ping 10.0.0.1 with any other >>> source on the local switch. >>> >>> >> "internet gateway" >> | >> | >> 10.0.0.0/23 >> | >> | >> "ex4200" >> | \ >> | \ >> | \ >> "other1" "other2" >> | | >> 10.0.1.0/24 >> | | >> "machines1" "machines2" >> >> is that similiar to your setup? if it is, the "gateway" will most likely >> not try to reach anything within 10.0.0.0/23 routed, instead just ARPing >> on it's directly connected interface. From what I saw so far, end >> machines should be able to send packets to 10.0.0.1, but it appears that >> 10.0.0.1 can't send any packets back - can you monitor traffic on >> 10.0.0.1 to verify that? >> >> -felix >> >> >> -- >> Felix Schüren >> Head of NOC >> >> ------------------------------------------------------------------ >> Host Europe GmbH - http://www.hosteurope.de >> Welserstraße 14 - D-51149 Köln - Germany >> Telefon: (0800) 4 67 83 87 - Telefax: (01805) 66 32 33 >> HRB 28495 Amtsgericht Köln - UST ID DE187370678 >> Geschäftsführer: >> Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller >> > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
