recommendations on home networks - quite advanced.

The subnet determins how many hosts you can have by its BITS :)

It does not determine the IP address just the range and amount of hosts.

a subnet of 255.255.0.0 will allow a range of 60000+ hosts (sorry the actual number is a maths equation)

255.255.255.192

would lower the amount less than

255.255.255.0

as the zero at the end allows you to go from 1-254 IP address's

??????I think that is correct????


Mick
 
Last edited:
Think in terms of bits and it will be clearer that 255.255.255.0 allows 256 hosts while 255.255.0.0 allows 256*256 hosts (65536) as 0-255 allows 256 combinations.

When you have a fractional subnet mask such as 255.255.255.192 two extra bits are 'robbed' from the host part of the mask (192=128+64). This allows for four subnets each with 256/4 (64) hosts - the possible combinations of two bits is 4 i.e. 00, 01, 10 and 11.

The IP addresses increment in the same way 0,1,2 etc. but the range changes subnet every 64 hosts like this:

Subnet 0 - 192.168.0.0 to 192.168.0.63
Subnet 1 - 192.168.0.64 to 192.168.0.127
Subnet 3 - 192.168.0.128 to 192.168.0.191
Subnet 4 - 192.168.0.192 to 192.168.0.255

To communicate from Subnet 0 to another subnet requires routing (layer III switch, router etc). There's a little-known rule which catches people out and that is that the first and last are usually reserved or unusable. For example if 192.168.0.0 (regardless of mask) is the first IP address in the range it's the cable address and can't be assigned to a host. The last IP is the broadcast address. So, from 64 possible hosts in the example above, 62 are actually usable. Additionally, a lot of hardware can't handle the first and last subnet - this arcane situation is buried in the mists of time when hardware was delivered on a pallet!
 
Last edited:
So the network

192.168.0.1
To
192.168.0.254

Has 4 subnets?

I know about the first and last address being unusable.




Sent from my iPhone.
 
Mick said:
So the network

192.168.0.1
To
192.168.0.254

Has 4 subnets?

I know about the first and last address being unusable.




Sent from my iPhone.
Click to expand...

Assuming the mask is 255.255.255.192, yes. If you added another bit so the mask became 255.255.255.224 then there would be 8 subnets - 000,001,010,011,100,101,110,111 and so on.

The subnets would change on boundaries of 32 (256/8):

Subnet 0 192.168.0.0 to 192.168.0.31
Subnet 1 192.168.0.32 to 192.168.0.63
.
.
.
Subnet 6 192.168.0.192 to 192.168.0.223
Subnet 7 192.168.0.224 to 192.168.0.255

Rule of thumb, just divide 256 by how many subnets and add that to the last part of the IP address each time.
 
Him Her said:
Okaaay! If I offended you copex, I apologise, not intended. BTW, your subnet mask, even if it was 255.255.255.32, would cause a problem, it's invalid, sorry...
Click to expand...

So you passed the test :)
 
So if I wanted a network to consist of the following networks.

IE

10.9.9.1 - 10.9.9.254 ---- Normal Operation
10.9.8.1 - 10.9.8.254 ---- VPN users

what would be the subnet to keep this strict network range

255.255.254.0

?????

Just guessing here lol.

Mick
 
Mick said:
So if I wanted a network to consist of the following networks.

IE

10.9.9.1 - 10.9.9.254 ---- Normal Operation
10.9.8.1 - 10.9.8.254 ---- VPN users

what would be the subnet to keep this strict network range

255.255.254.0

?????

Just guessing here lol.

Mick
Click to expand...

Jeez M8, Merlot buzz lol

Okay, the mask doesn't work because the IP addresses fall wrong - move further apart...

Subnets fall into clear boundaries, 0-7, 8-15, 16-31, so do the corresponding IP addresses.

Work out how many hosts you need then pick a mask, I.e., you need 5 hosts on each subnet so the next binary boundary is 8. You need 3 host bits to allow 8 so you can rob 5 network bits. That's 248. Subnet mask is 255.255.248.0 and the ranges go:

10.9.0.x
10.9.8.x
10.9.16.x

So, 10.9.8.x and 10.9.9.x won't work. Use 10.9.9.x and 10.9.17.x with mask 255.255.248.0 (purists, ignore Cisco) and it will be cool :)
 
I thought computers would not talk across networks

192.168.0.1
192.168.1.1

For example. I have experienced this many times with that range using the subnet.

255.255.255.0

I found this article.

IP subnetting made easy | TechRepublic

I still do not think the penny will ever drop for me, I have been waiting for this penny to drop for years now.

Mick
 
Maybe I misunderstood? I'm not clear on what you need to do perhaps but if they have to talk use 255.255.0.0 and if they don't use 255.255.255.0 the first mask puts them on the same network and the second puts them on different networks.

If you want to stay strictly with the IP address ranges that's not a sub-netting issue!

The Tech Republic article looks like a good explanation but I had to build some before it finally clicked :)
 
Last edited:
First off I will explain (kinda going back to the original post lol)

I have now bought myself a second hand dreytek 2380... not paying nearly £300!!! which came yesterday.

I never thought that I would need a dreytek as the modem/router I had was fine, but I thought if I am going to test out VPN's lets not do it on clients lol... so thought I would get the same kind of system.


Right anyway my network consists of the following
Modem direct Internet
Dreytek 2380n (wireless router)
24 port gigabit switch
a TP (LMAO router that has wifi turned off acting as a small gigabit switch to connect printer etc)

First off let me just say since I have put the dreytek 2830 router on my network speed has increased (not browsing internet) but the whole network just seems efficient now!!!!

I have a rack installed with HDMI distribution to my tv's over a 4x4 switch... everything is controlled via RTI and uses two way communication from IP/RS432, etc... this used to always fall over if we had a power cut and I would manually have to restart every equipment individual... I did a simulation last night and it just all booted up, everything worked.

That alone was worth the £100 odd .... alone!

I just feel like I have super charged my network by putting in this dreytek router... maybe its just me lol, but very very happy!

----------------
Now back to the networking side

I setup a network of 10.10.9.1

As I have read that having a network like 192.168.0.1 etc might interfere with other networks when VPN our concerned ?

And I managed to EASILY setup a VPN user and use my phone to connect to my VPN over 3G, worked flawless too!

But I thought it might be nice to setup the VPN users to be on another network address... I know that 255.255.0.0 would work, but that will allow 65000+ hosts, I had the thinking of setting it efficiently for only 2 network ranges?

10.10.9.* Normal
10.10.8.* VPN

I should also say that its not important but I was trying out things lol.

Mick
 
Last edited:
Okay, appreciate it's not important...

There are two basic types of tunnel you can configure on the Draytek, Remote Teleworker (like your phone) and LAN-LAN (to another router).

In both cases it's not the tunnel that has the IP range.

The Remote Teleworker adds a virtual network interface and usually expects an IP address from the remote end-point (your LAN) - whatever does DHCP on your network issues this.

LAN-LAN does a similar thing but the virtual network interfaces are on the connected routers. DHCP is not required but the routing tables at each end must point to the routers managing the tunnel. This is usually achieved by setting them as the default gateways.

Subsequently, the tunnel is transparent and routing takes place.

So, to do what you suggest would require a network 10.10.8.* at the remote end (your LAN), with DHCP and able to route to wherever you were allowing tunnel users to connect.

Consequently, the IP address ranges of the connecting devices must be different or routing will fail. This is the reason 192.168.0.* is avoided, it's not the IP range particularly, more that if both ends have the same IP range the tunnel will fail.

It will usually establish but the connecting device will see 192.168.0.* as 'local' and ARP locally instead of ARPing at the tunnel...
 
So what would the subnet be if you wanted to have two networks seeing each other on (only those network ranges)

10.10.9.1
10.10.8.1

I mean I know 255.255.0.0 would do this but it also leaves open the whole of the 10.10.0 - 10.10.255 open for access to the network.

not that it is even a problem... however is it invalid to be able to restrict access to only the two above networks
 
There isn't a mask that can separate those two subnets, it's really a DMZ function but the Draytek DMZ function is relatively simple.

I think you could this on the 2830 by configuring two VLANS (stick with the 255.255.255.0 mask) and turning off interlan routing. Make 10.10.9.x the first LAN configured, set it up as a VLAN, configure the VPN tunnel then add in the 10.10.8.x LAN...

...I've not tried this but it seems sound technically.
 
You must log in or register to reply here.

Similar threads

trevortron
    • Like
Before you fly on a Boeing aircraft, especially a 737Max
Replies
0
Views
922
trevortron
trevortron
B
Routers Pair bt home hub 4 and home hub 3
Replies
1
Views
855
shaun127
shaun127
skinz
Guides and Info How I upgraded a TP-Link TL-WR841N to DD-WRT
Replies
5
Views
5K
dantis
dantis
Mick
Dreytek Ap700 Wifi repeater £66
Replies
0
Views
2K
Mick
Mick
Him Her
    • Like
  • Sticky
Guides and Info Getting Started with Networking
Replies
11
Views
12K
wenglishboy
wenglishboy
Back
Top