SUMMARY: netmask readable for all of you

From: Heggli Beat (heggli@elsun.ee.htl-bw.ch)
Date: Tue Apr 18 1995 - 03:50:45 CDT


Hi managers

I mailed the summary netmask last week and
didn't realise the Attachments made with the
Mail Tool being uuencoded. I admit, it's a bit
awkward to uudecode the mail before reading it.

I apologise and send the summary again.

original question was:

>Hi
>
>We have a class B Network that looks like this
>
>
>Netmask 255.255.255.0 147.86.128.x backbone 10BASE5
>----------------------------------------------------------
> | |
> +---------------+ more hosts, more router
> | Sun Router |
> +---------------+
> |
>Netmask 255.255.255.0 | 147.86.192.x
>
>
>
>This was ok for the last two years, but now we need more IP addresses
>on the backbone. My idea was to change the netmask to
>255.255.240.0 . This is great, giving me much more addresses where
>I need it. This is bad, leaving us only 15 subnets.
>With different netmasks within our Network, we could have both:
>more addresses on the backbone, 15 subnets each containing
>up to 15 subnets. This would look like:
>
>
>Netmask 255.255.240.0 147.86.x.x backbone 10BASE5
>----------------------------------------------------------
> | |
> +---------------+ more hosts, more router
> | Sun Router |
> +---------------+
> |
>Netmask 255.255.255.0 | 147.86.192.x
>
>
>
>This would also be cool because I wouldn't have to change all the
>netmasks behind the various routers on the backbone.
>
>But...
>
>Sun says in its answerbook: (SunOS 5.3)
>"If you are going to subnet, you will need to select a network-wide
>netmask". - I guess different netmasks on a sun router do not work.
>
>
>So I ask you:
>
>- has anybody out there a class B network with different netmasks and
> would be so kind to tell me, how he has done it?
>
>- are there other specialized routers, who can manage different netmasks ?
>
>- can DEC or HP Workstations act as routers with different netmasks ?
>
>- Is my idea about this subject weird and there are much better solutions for
> this problem ?
>
>
>any answer will be appreciated
>
>Beat Heggli
>

There are different opinions on this subject.
- John O'Connor sent me a summary from an earlier request to the mailing list.
- Kevin Sheehan says a netmask applies to the whole address
- Glenn Satchell suggests to create some more subnets, he knows that Cisco
  routers can handle different netmasks
- Vippin Chadha says about the same as Kevin Sheehan
- Kenneth Okenka has done it with CISCO Routers
- Cindy Yoho has done it
- Russ Poffenberger says it is a violation of the spec
- Paulo Licio de Geus had bad exprience with the RIP routing protocol
- Steve Ozoa tells you something usefull about routing protocols
- Michael Myers says the subnet mask need to be the same for the entire
  network
- Dave Russell did it with OSPF
- Steven Dick did it as well and tells you how it has to be done.
- Todd Miller has done it with cisco routers

I set up a router on our backbone to join 2 subnets in one, giving me some
breath for new hosts on that segment. Then we are going to take away
some routers and put in bridges instead. After that I'm going to test
a configuration with different netmasks with a Solaris 2.4 host. And at
the turn of the century we will get a brand new fibre backbone.

Thanks and by

************** Start John O'Connor ***********************

>From oconnor%gecko.uucp@Germany.EU.net Wed Mar 29 09:10 MET 1995
Return-Path: <oconnor%gecko.uucp@Germany.EU.net>
Received: from mail.Germany.EU.net by elsun (5.0/SMI-SVR4)
        id AA19136; Wed, 29 Mar 1995 09:09:41 --100
Received: by mail.Germany.EU.net with ESMTP (8.6.5:29/EUnetD-2.5.1.d) via EUnet
        id JAA03110; Wed, 29 Mar 1995 09:11:38 +0200
Received: from gecko.cpn_nis (gecko [89.0.0.58]) by aec.aeg.kn.DaimlerBenz.com (8.6.9/8.6.9) with SMTP id JAA18868 for <heggli@elsun.ee.htl-bw.ch>; Wed, 29 Mar 1995 09:06:48 +0200
Received: by gecko.cpn_nis (5.x/SMI-SVR4)
        id AA21711; Wed, 29 Mar 1995 09:08:48 +0200
Date: Wed, 29 Mar 1995 09:08:48 +0200
From: oconnor%gecko@aec.aeg.kn.DaimlerBenz.com
Message-Id: <9503290708.AA21711@gecko.cpn_nis>
To: heggli@elsun.ee.htl-bw.ch
Subject: Re: Subnet sizes:: a Summary
X-Sun-Charset: US-ASCII
Content-Type: text
Content-Length: 11426
X-Lines: 290
Status: RO

----- Begin Included Message -----

>From oconnor Wed Mar 29 09:05:47 1995
To: sun-managers@eecs.nwu.edu
Subject: Re: Subnet sizes:: a Summary

I originally asked:
>
> I have a machine with a large number (30) of network interfaces.
>
> Due to address space limitations, I may need to set up different
> sized subnets on these interfaces.
>
> I am concerned about making all of this work (can I still get NIS to
> set up the netmasks on all of the interfaces?) Also, am I likely to
> start hitting bugs in the OS?
>
> I expect to use gated as two of the subnets will be running SLIP or PPP
> connections.
>
> Thanks in advance for all comments and experiences. I'll post a summary.
>
> John O'Connor
>

I got lots of replies, thanks everyone especially to Mike bennett. When I
first met Mike he was doing wp stuff and things for the development group
in which I was working. Now here he is a few years later doing sysadmin on
a Unix network and it looks like he knows his stuff. Well done Mike!

The general summary is this:

Yes, variable sized subnet masks are OK and on Solaris at least they appear
to work OK.

The things to rember are this:

When the specs speak about a network needing to have the same netmask, they
are using the term network to refer to (for example) a single cable segment.
(That is a bit of a simplification of course but it illustrates the point.)#

So, my Sparc box is connected to approx 30 networks and each machine connected
to each of those networks must have the same subnet mask as each other machine
connected to that network. That does not mean that each network interface in
my main box needs to have the same subnet mask as they are all connected to
different networks.

Strictly, you should not have a subnet whose address bits are all 0s or all 1s.
What I mean is, suppose you have a class B network address of x.y.?.? and you
decide to use 255.255.255.0 as the subnet mask.

In that case, you should not use the subnets x.y.0.? or x.y.255.?

The reason is that if you do, you will confuse broastcast addresses.

Here are the replies:

============================================================================

From: Mike Bennett <mikebe@airport.bt.co.uk>

I don't have so many interfaces on my machines, only about 5 each, I'm also
responsble for network address allocations.

As long as the netmasks contains the correct entries, I see no problem.

============================================================================

>From oconnor Mon Mar 20 19:09:35 1995
To: mikebe@airport.bt.co.uk

> As long as the netmasks contains the correct entries, I see no problem.

Well, I _see_ no problems either except that it is a very unusual
configuration and various manuals warn that unusual configurations
are a good way to discover bugs in the the OS. Are you actually using
different sized subnets there?

============================================================================

From: Mike Bennett <mikebe@airport.bt.co.uk>

Yes, I'm using different sized subnets, using between 3 and 7 bits as the
subnet mask on a number of class 'c' addresses. I have to divide the subnets
up between 8 and 128 bits per subnet, according to the requirement of the
customer.

Are you using SunOS, or Solaris, I've been using Solaris 2.3 for the
software configuration of the network interfaces.

Have found no problems so far, with the software, however, I do already have
a number of patches already installed. If you are using Solaris 2.3, I would
advise using the following set of patches:

        101219-01 101225-01 101237-01 101294-01
        101297-01 101306-01 101307-01 101317-09
        101318-54 101327-07 101331-04 101344-11
        101347-02 101362-21 101493-01 101615-02
        101739-04 101889-01 102034-01

Not all of these are obviously required, but for all my machines, I have made
this standard throughout the company departments I am currently working for.

============================================================================

>From oconnor Tue Mar 21 11:24:37 1995
To: mikebe@airport.bt.co.uk

> Yes, I'm using different sized subnets, using between 3 and 7 bits as the
> subnet mask on a number of class 'c' addresses. I have to divide the subnets
> up between 8 and 128 bits per subnet, according to the requirement of the
> customer.

Now that is useful information. Very few people are running different sized
subnets and I have been concerned about running into problems.

Do you use all possible values of subnet? According to RFC950 a subnet whose
address bits are all 0 or all 1 shoul not be used. So, if you have a class
C address split into 8 subnets each with 30 hosts, you cannot use the 000
and 111 subnets meaning that you only get 180 hosts rather than 240.

I intend to ignore this restriction as it is only there to ensure that you
can do a broadcast to the whole network.

> Are you using SunOS, or Solaris,

Solaris 2.4, we are currently being bombarded with patched as Sun try to
make our FDDI connections work.

============================================================================

From: Mike Bennett <mikebe@airport.bt.co.uk>

The subnet bits of 000's and all 111's, should not be used. However, this
does not mean you cannot use them, in extreme cases, where you are not
using routing, then these addresses could logically be used. However, I
have always disapproved of using them, as this causes an network administration
problem at a later date when you may need to use these addresses, if you add
a router.

As you have specified 30 hosts, with an IP address mask of 30 hosts the all
000's would be your netmask, and the all 111's would be your broadcast, best
to keep to this standard, especially when the OSI 64bit addressing comes out,
should it be required for implementation in your company at a later date.

Because of the 000's and 111's limitation, you are quite correct, in stating
that you would only get 180 hosts, rather than 240.

============================================================================

From: rwolf@dciem.dnd.ca (Robert Wolf)

I strongly believe that subnetted lans, can not be serviced by a single
NIS server. NIS is generally confined to a single network. Enough
if your machine has multiple interfaces, only, the host machine can be
only a single NIS server for one of those multiple interfaces. DNS can
cross several networks and service several networks but it only provides
hostname resolution.

I would be very interested in your findings.

============================================================================

From: Mike Rembis <ebumfr@ebu.ericsson.se>

|
| I have a machine with a large number (30) of network interfaces.
|

                                        ^^^

Gee - and I thought we were cool with only 10 network interfaces on our
machine .....

We are currently subnetting using this netmask ... 255.255.255.192.

Not experiencing any problems....

============================================================================

From: john surveyor <johns@rufus.state.COM.AU>

I have recently subnetted a class C network. There were one or two things
which bit, though Im sure that you will be able to work through them
as easily as I did.

The network mask which I used was 255.255.255.224 - though this apparently gives
8 subnets 2 of them are unusable: you cant use addresses where the network
portion is all 0's or all 1's so this excludes 2 subnets (namely addresses
in the range 0..31 and 224..255).

It seems that the designers of subnetting
were mostly concerned partitioning class A and class B addresses along byte
boundaries rather than efficiently partitioning class C addresses.

You have to put the netmask in /etc/netmasks on *every* machine so that the
initial configuration of the network interfaces occurs correctly before the
machine can bind to NIS. Of course the netmask still needs to be in NIS as
well.

You must use a consistent netmask for all subnets of a given network, otherwise
your routing tables will get confused.

I was using routed not gated so I cant speak for or against the latter. I did
not encounter any OS bugs.

============================================================================

From: poffen@San-Jose.ate.slb.com (Russ Poffenberger)

One thing to keep in mind with subnets, is that for a particular class of
address, the subnet mask MUST be the same. For example, we have a class B of
163.185.xx.xx. We use a netmask of 255.255.255.192, ALL interfaces that use
163.185.xx.xx MUST use the same netmask. This is per the IP specification.

============================================================================

From: Reto Lichtensteiger <rali@hri.com>

John,

Thanks for sparking an entertaining half hour of discussion here ... <g>

You didn't specify which OS your using -- SunOS or Solaris.
By "different sized" did you mean 'different from default for the address
class, but all the same' or did you mean 'varying size netmasks on the
different interfaces'?

If the former, "go nuts" ... <g>

If the latter, then I believe (your mileage may vary, answer not
guaranteed etc, etc ...) you will be out of luck if the box is SunOS.
BSD 4.3 (Net/2) can do this, but SunOS is BSD 4.1/4.2 based and the IP
code, as taken fom BSD, was still pretty crude.

Solaris should be able to handle variable subnets. (I can't belive I just
said something nice about Slowlaris ...)

============================================================================

From: paulo@dcc.unicamp.br (Paulo Licio de Geus)

>From my past experience with SunOS 4.x and different subnets,
in.routed (i.e. RIP) does not handle different netmasks, so you'd
better stick to gated (use another routing protocol...) for this
reason primarily (and not because of slip/ppp).

Also, NIS made a mess when I had different netmasks, at least for the
same class network (in fact, the only way the netmasks map works over
here is when you define the mask only for the whole of our class B
network, i.e. 143.106.0.0 0xffffffc0.

I think you should configure your interface from a script during boot.

============================================================================

From: sozoa@atmel.com (Steve Ozoa)

We haven't had to do that (yet), but we have recently been battling a huge
project of network renumbering, so I do have some insight into the issues.

You didn't say what OS you're running, but I think my comments apply equally to
Solaris 1 and 2.

The problem with NIS is that (I think) the netmasks map expects masks to apply
to the entire network, i.e., an entry like:

    10.0.0.0 255.255.255.0

If you wanted to split 10.x into different sized subnets, netmasks would
probably be confused. You'd probably need to skip netmasks and specify the
netmask explicitly in each ifconfig.

Another problem is that RIP version 1, which is what Suns come with, doesn't
handle different sized subnets (it doesn't include the subnet mask in the
broadcast). RIP version 2 broadcasts netmasks, but it isn't heavily used. RIP
may also be inefficient for a network the size of yours. You'll probably want
to go to OSPF as a routing protocol. Gated (at least the latest versions)
supports all these protocols.

============================================================================

----- End Included Message -----

******************** End John O'Connor ******************
******************** Start Kevin Sheehan ****************

>From kevin@uniq.com.au Wed Mar 29 04:57 MET 1995
Return-Path: <kevin@uniq.com.au>
Received: from upshield.uniq.com.au (upstop.uniq.com.au) by elsun (5.0/SMI-SVR4)
        id AA18764; Wed, 29 Mar 1995 04:55:29 --100
Received: (from uucp@localhost) by upshield.uniq.com.au id NAA01742
  (8.6.11/IDA-1.6 for <heggli@elsun.ee.htl-bw.ch>); Wed, 29 Mar 1995 13:03:14 +1000
Received: from ups.uniq.com.au(192.195.152.18) by upshield.uniq.com.au via smap (V1.3)
        id sma001739; Wed Mar 29 13:02:56 1995
Received: from kalli.uniq.com.au (kalli) by ups.uniq.com.au with SMTP id AA26467
  (5.67b/IDA-1.5 for <heggli@elsun.ee.htl-bw.ch>); Wed, 29 Mar 1995 13:00:03 +1000
Received: by kalli.uniq.com.au (5.x/SMI-SVR4)
        id AA00361; Wed, 29 Mar 1995 12:55:04 +1000
Message-Id: <9503290255.AA00361@kalli.uniq.com.au>
From: Kevin.Sheehan@uniq.com.au (Kevin Sheehan {Consulting Poster Child})
Date: Wed, 29 Mar 1995 12:55:03 EST
X-Mailer: Mail User's Shell (7.1.2 7/11/90)
To: heggli@elsun.ee.htl-bw.ch (Heggli Beat)
Subject: Re: Netmask
Content-Type: text
Content-Length: 1363
X-Lines: 37
Status: RO

[ Regarding "Netmask", heggli@elsun.ee.htl-bw.ch writes on Mar 28: ]

> Sun says in its answerbook: (SunOS 5.3)
> "If you are going to subnet, you will need to select a network-wide
> netmask". - I guess different netmasks on a sun router do not work.

Yep - a netmask applies to a whole address. If you subnet a class C
or class B, the mask applies to everything.
>
>
> So I ask you:
>
> - has anybody out there a class B network with different netmasks and
> would be so kind to tell me, how he has done it?

Nope. As an example - netmasks takes an A B or C and you have one entry
for netmask - no way to specify different ones.
>
> - are there other specialized routers, who can manage different netmasks ?

Not to my knowledge - in fact, you even lose two of the subnets, because
although all 0's in the subnetted part is supposed to be a strange broadcast
for the whole network, most routers also eliminate all 1's too.
>
> - can DEC or HP Workstations act as routers with different netmasks ?

not to my knowledge.
>
> - Is my idea about this subject weird and there are much better solutions for
> this problem ?

Yep - the spec says a netmask applies to a whole network number. You
could use an unconnected class B and subnet it, but then you must install
proxy services to talk to the Internet.

                l & h,
                kev

********************* End Kevin Sheehan *******************
********************* Start Glenn Satchell ****************

>From glenn@uniq.com.au Wed Mar 29 12:01 MET 1995
Return-Path: <glenn@uniq.com.au>
Received: from upshield.uniq.com.au (upstop.uniq.com.au) by elsun (5.0/SMI-SVR4)
        id AA19460; Wed, 29 Mar 1995 12:00:54 --100
Received: (from uucp@localhost) by upshield.uniq.com.au id TAA05479
  (8.6.11/IDA-1.6 for <heggli@elsun.ee.htl-bw.ch>); Wed, 29 Mar 1995 19:53:22 +1000
Received: from ups.uniq.com.au(192.195.152.18) by upshield.uniq.com.au via smap (V1.3)
        id sma005476; Wed Mar 29 19:53:16 1995
Received: from upstage.uniq.com.au (upstage) by ups.uniq.com.au with SMTP id AA28134
  (5.67b/IDA-1.5 for <heggli@elsun.ee.htl-bw.ch>); Wed, 29 Mar 1995 19:50:15 +1000
Received: by upstage.uniq.com.au (5.0/SMI-SVR4)
        id AA13820; Wed, 29 Mar 1995 18:20:20 --1000
Date: Wed, 29 Mar 1995 18:20:20 --1000
From: Glenn.Satchell@uniq.com.au (Glenn Satchell - Uniq Professional Services)
Message-Id: <9503290820.AA13820@upstage.uniq.com.au>
To: heggli@elsun.ee.htl-bw.ch
Subject: Re: Netmask
X-Sun-Charset: US-ASCII
Content-Type: text
Content-Length: 3152
X-Lines: 90
Status: RO

If you need to put that many hosts on one subnet then you may get
problems with too much utilisation and a high number of collisions.
Can't you just create a few more subnets for the devices that you want
to put on the backbone?

I don't think any workstations can handle different subnet masks on
their interfaces, although most of the dedicated routers can. I know
for sure that Cisco can.

regards,

--
Glenn Satchell                    glenn@uniq.com.au  | There's  a fine  line
Uniq Professional Services Pty Ltd  ACN 056 279 335  | between  fishing  and
PO Box 70, Paddington, NSW 2021, (Sydney) Australia  | standing on the shore
Phone 02 380 6360 Pager 016 287 000 Fax 02 380 6416  | looking like an idiot.

> From sun-managers-request@uniq.com.au Wed Mar 29 17:22 EST 1995 > Date: Tue, 28 Mar 1995 10:00:20 --100 > From: heggli@elsun.ee.htl-bw.ch (Heggli Beat) > Reply-To: heggli@elsun.ee.htl-bw.ch (Heggli Beat) > To: sun-managers@ra.mcs.anl.gov > Subject: Netmask > Cc: heggli@elsun.ee.htl-bw.ch > X-Lines: 64 > > Hi > > Where else to ask for a network problem then the network ? > We have a class B Network that looks like this > > > Netmask 255.255.255.0 147.86.128.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This was ok for the last two years, but now we need more IP addresses > on the backbone. My idea was to change the netmask to > 255.255.240.0 . This is great, giving me much more addresses where > I need it. This is bad, leaving us only 15 subnets. > With different netmasks within our Network, we could have both: > more addresses on the backbone, 15 subnets each containing > up to 15 subnets. This would look like: > > > Netmask 255.255.240.0 147.86.x.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This would also be cool because I wouldn't have to change all the > netmasks behind the various routers on the backbone. > > But... > > Sun says in its answerbook: (SunOS 5.3) > "If you are going to subnet, you will need to select a network-wide > netmask". - I guess different netmasks on a sun router do not work. > > > So I ask you: > > - has anybody out there a class B network with different netmasks and > would be so kind to tell me, how he has done it? > > - are there other specialized routers, who can manage different netmasks ? > > - can DEC or HP Workstations act as routers with different netmasks ? > > - Is my idea about this subject weird and there are much better solutions for > this problem ? > > > any answer will be appreciated > > Beat Heggli > >

*************************** End Glenn Satchell ******************* *************************** Start Vippin Chadha ******************

>From vipin@cadence.com Wed Mar 29 13:19 MET 1995 Return-Path: <vipin@cadence.com> Received: from mailgate.Cadence.COM by elsun (5.0/SMI-SVR4) id AA19893; Wed, 29 Mar 1995 13:19:40 --100 Received: (from smap@localhost) by mailgate.Cadence.COM (8.6.8/8.6.8) id DAA04813 for <heggli@elsun.ee.htl-bw.ch>; Wed, 29 Mar 1995 03:20:43 -0800 Received: from pehli.cadence.com(158.140.126.121) by mailgate.cadence.com via smap (V1.0mjr) id sma004796; Wed Mar 29 03:20:27 1995 Received: (from vipin@localhost) by pehli.Cadence.COM (8.6.8/8.6.8) id QAA24825 for heggli@elsun.ee.htl-bw.ch; Wed, 29 Mar 1995 16:49:27 +0530 Date: Wed, 29 Mar 1995 16:49:27 +0530 From: Vippin Chadha <vipin@cadence.com> Message-Id: <199503291119.QAA24825@pehli.Cadence.COM> To: heggli@elsun.ee.htl-bw.ch Subject: Re: Netmask Content-Type: text Content-Length: 1364 X-Lines: 27 Status: RO

Hi , As it is , netmasks are always network-wide , and it has nothing to do with Sun or HP rather it is because of implementation of TCP/IP . As per your case , if on the main backbone the netmask is 255.255.240.0 , then the allowable subnets are : 147.86.Y.X where Y can be 0,16,32,64,80,96,112,128,144,160,176,192,208, 224,240 . Hence you can have 15 subnets . where X can be 0 to 255 ( 0 and 255 being reserved ). In this case teh hosts with add. ,147.86.193.x , 147.86.194.x and so on till 147.86.207.x will all be on the same subnet i.e 147.86.192.x.

With the above picture in mind if you consider the bottom half of your network in which 147.86.192 is the network with allowable 255 hosts as the netmaskis 255.255.255.0.For this area an add. like 147.86.193.x is on a seperate network which is 147.86.93 but for the upper half network it is actually an add. of host on subnet 147.86.192 so router will always be confused. If there are diff. netmasks on same network it will become very difficult for Routers and hosts to decide whether they are talking to other host or other network . To avoid this try putting same netmask throughout the network . You can as well try with 7 bits in the network field which will give you 128 subnets and also increase the no. of hosts . I hope this will clear your doubts . Thanks .. Vippin

*************************** End Vippin Chadha ************************* *************************** Start Kenneth Okenka **********************

>From okenka@mail.msen.com Wed Mar 29 14:38 MET 1995 Return-Path: <okenka@mail.msen.com> Received: from heifetz.msen.com by elsun (5.0/SMI-SVR4) id AA20197; Wed, 29 Mar 1995 14:38:23 --100 Received: from garnet.msen.com by heifetz.msen.com with smtp (Smail3.1.28.1 #12) id m0rtvlL-000ajkC; Wed, 29 Mar 95 06:18 EST Received: by garnet.msen.com (Smail3.1.28.1 #12) id m0rtvlG-0013FRC; Wed, 29 Mar 95 06:18 EST Message-Id: <m0rtvlG-0013FRC@garnet.msen.com> From: okenka@mail.msen.com (Kenneth P. Okenka) Subject: Re: Netmask To: heggli@elsun.ee.htl-bw.ch Date: Wed, 29 Mar 1995 06:18:06 -0500 (EST) In-Reply-To: <9503280800.AA05259@orakel.ee.htl-bw.ch> from "Heggli Beat" at Mar 28, 95 10:00:20 am X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 2977 X-Lines: 87 Status: RO

Hello, my name is Ken Okenka, I have used differnet subnet masks within a class "b" campus. What I did was to take the "b" and use it like a "c" dividing the fourth octect up. Groups that required around 100 units in a segment I used 255.255.255.128. Groups that required around 42 units in a segment I used 255.255.255.192. This left with 2 segments in the 128 mask and 4 segments in the 192 mask. I also could have 8 segments with 32 units using the mask of 255.255.255.224 but I did not want it that tight. If your systems support enhanced IGRP then I would recommend this, also that Novell's direction going to TCP/IP will start with enhanced IGRP. Since our group is using it already, we are ready for Novell's change to TCP/IP. We are using as routers - CISCO AGS+/4 units.

Hope this helps, Later, Ken O. e-mail: okenka@mail.msen.com

> > Hi > > Where else to ask for a network problem then the network ? > We have a class B Network that looks like this > > > Netmask 255.255.255.0 147.86.128.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This was ok for the last two years, but now we need more IP addresses > on the backbone. My idea was to change the netmask to > 255.255.240.0 . This is great, giving me much more addresses where > I need it. This is bad, leaving us only 15 subnets. > With different netmasks within our Network, we could have both: > more addresses on the backbone, 15 subnets each containing > up to 15 subnets. This would look like: > > > Netmask 255.255.240.0 147.86.x.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This would also be cool because I wouldn't have to change all the > netmasks behind the various routers on the backbone. > > But... > > Sun says in its answerbook: (SunOS 5.3) > "If you are going to subnet, you will need to select a network-wide > netmask". - I guess different netmasks on a sun router do not work. > > > So I ask you: > > - has anybody out there a class B network with different netmasks and > would be so kind to tell me, how he has done it? > > - are there other specialized routers, who can manage different netmasks ? > > - can DEC or HP Workstations act as routers with different netmasks ? > > - Is my idea about this subject weird and there are much better solutions for > this problem ? > > > any answer will be appreciated > > Beat Heggli > >

***************************** End Kenneth Okenka ********************* ***************************** Start Cindy Yoho ***********************

>From cindy@ddrsrv.dny.rockwell.com Wed Mar 29 17:28 MET 1995 Return-Path: <cindy@ddrsrv.dny.rockwell.com> Received: from ddrsrv.dny.rockwell.com (ddrsrv2.dny.rockwell.com) by elsun (5.0/SMI-SVR4) id AA20882; Wed, 29 Mar 1995 17:28:25 --100 Received: from jesse.ypddr0 ([141.102.40.39]) by ddrsrv.dny.rockwell.com (4.1/SMI-4.1) id AA19249; Wed, 29 Mar 95 07:19:48 PST Date: Wed, 29 Mar 95 07:19:48 PST From: cindy@ddrsrv.dny.rockwell.com (Cindy Yoho) Message-Id: <9503291519.AA19249@ddrsrv.dny.rockwell.com> To: heggli@elsun.ee.htl-bw.ch Subject: Re: Netmask Content-Type: text Content-Length: 1099 X-Lines: 31 Status: RO

Beat,

Yes, we have done something like what you are asking about. It worked fairly well, for us.

Netmask 255.255.0.0 141.102.x.x backbone 10BASE5 ---------------------------------------------------------- | | +---------------+ more hosts, more router | Sun Router | +---------------+ | Netmask 255.255.255.0 | 141.102.40.x

Cindy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Cindy Yoho Systems & Network Manager ,--; cindy@ddrsrv2.dny.rockwell.com _ ___/ /\| Rockwell International ,;'( )__, ) Phone: 310-922-1838 // // `--\ FAX: 310-922-0537 ' / \ | / ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Delight yourself in the Lord, and He will give you the desires of your heart... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

***************************** End Cindy Yoho ******************** ***************************** Start Russ Poffenberger ***********

>From poffen@San-Jose.ate.slb.com Wed Mar 29 17:31 MET 1995 Return-Path: <poffen@San-Jose.ate.slb.com> Received: from San-Jose.ate.slb.com (k2-1.San-Jose.ate.slb.com) by elsun (5.0/SMI-SVR4) id AA20891; Wed, 29 Mar 1995 17:31:35 --100 Received: from augusta.San-Jose.ate.slb.com by San-Jose.ate.slb.com (4.1/SMI-4.1-DNI-7.0.1-Z) id AA04605; Wed, 29 Mar 95 07:32:16 PST From: poffen@San-Jose.ate.slb.com (Russ Poffenberger) Message-Id: <9503291532.AA04605@San-Jose.ate.slb.com> To: heggli@elsun.ee.htl-bw.ch Subject: Re: Netmask Date: Wed, 29 Mar 1995 07:32:42 -0800 (PST) Mime-Version: 1.0 X-Mailer: Ishmail 1.0.4-sun-950119 Available via anonymous ftp from ftp.halsoft.com Content-Type: text Content-Length: 2534 X-Lines: 70 Status: RO

heggli@elsun.ee.htl-bw.ch (Heggli Beat) wrote: > Hi > > Where else to ask for a network problem then the network ? > We have a class B Network that looks like this > > > Netmask 255.255.255.0 147.86.128.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This was ok for the last two years, but now we need more IP addresses > on the backbone. My idea was to change the netmask to > 255.255.240.0 . This is great, giving me much more addresses where > I need it. This is bad, leaving us only 15 subnets. > With different netmasks within our Network, we could have both: > more addresses on the backbone, 15 subnets each containing > up to 15 subnets. This would look like: > > > Netmask 255.255.240.0 147.86.x.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This would also be cool because I wouldn't have to change all the > netmasks behind the various routers on the backbone. > > But... > > Sun says in its answerbook: (SunOS 5.3) > "If you are going to subnet, you will need to select a network-wide > netmask". - I guess different netmasks on a sun router do not work. > > > So I ask you: > > - has anybody out there a class B network with different netmasks and > would be so kind to tell me, how he has done it? > > - are there other specialized routers, who can manage different netmasks ? > > - can DEC or HP Workstations act as routers with different netmasks ? > > - Is my idea about this subject weird and there are much better solutions > for > this problem ?

Having a netmask that is different on different subnets for a particular address class is a violation of the spec, and will likely not work with ANY equipment.

Russ Poffenberger DOMAIN: poffen@San-Jose.ate.slb.com Schlumberger Technologies ATE UUCP: {uunet,decwrl,amdahl}!sjsca4!poffen 1601 Technology Drive CIS: 72401,276 San Jose, Ca. 95110 Voice: (408)437-5254 FAX: (408)437-5246

********************** End Russ Poffenberger ********************** ********************** Start Paulo Licio de Geus ******************

>From paulo@dcc.unicamp.br Wed Mar 29 17:33 MET 1995 Return-Path: <paulo@dcc.unicamp.br> Received: from tiete.dcc.unicamp.br (dcc.unicamp.br) by elsun (5.0/SMI-SVR4) id AA20897; Wed, 29 Mar 1995 17:33:44 --100 Received: from jaguari (jaguari.dcc.unicamp.br) by tiete.dcc.unicamp.br (4.1/SMI-4.1) id AA01284; Wed, 29 Mar 95 12:33:15 EST Received: by jaguari (5.0/SMI-SVR4) id AA02726; Wed, 29 Mar 1995 12:33:13 -0300 Date: Wed, 29 Mar 1995 12:33:13 -0300 From: paulo@dcc.unicamp.br (Paulo Licio de Geus) Message-Id: <9503291533.AA02726@jaguari> To: heggli@elsun.ee.htl-bw.ch (Heggli Beat) Subject: Netmask In-Reply-To: <9503280800.AA05259@orakel.ee.htl-bw.ch> References: <9503280800.AA05259@orakel.ee.htl-bw.ch> Content-Type: text Content-Length: 703 X-Lines: 18 Status: RO

I've got only the bad exprience part of your questions:-)

All Unixes that I know of have in.routed, which uses RIP as the routing protocol. RIP does not work with different masks, period. We tried, and the net effect was losing the default route all the time, among others...

HP seems to offer gated as a supported product on HP-UX, but I'm not sure. Anyway, get gated from the Berkeley site and get going. I personally have not done it but heard it works.

-- postmaster/manager Paulo Licio de Geus INTERNET: paulo@dcc.unicamp.br Depto de Ciencia da Computacao voice: +55 192 39-3115/8695/8442 DCC - IMECC - UNICAMP fax: +55 192 39-7470/5808 caixa postal: 6065 13081-970 Campinas SP Brazil

****************************** End Paulo Licio de Geus ************** ****************************** Start Steve Ozoa *********************

>From hermes!atmel.com!sozoa@uu4.psi.com Wed Mar 29 18:16 MET 1995 Return-Path: <hermes!atmel.com!sozoa@uu4.psi.com> Received: from uu4.psi.com by elsun (5.0/SMI-SVR4) id AA20985; Wed, 29 Mar 1995 18:16:47 --100 Received: from hermes.UUCP by uu4.psi.com (5.65b/4.0.071791-PSI/PSINet) via UUCP; id AA09116 for ; Wed, 29 Mar 95 11:08:06 -0500 Received: from athena.sjo.atmel.com by hermes.atmel.com (SMI-4.1 ATMEL Corporation) id AA01741; Wed, 29 Mar 95 07:59:48 PST Received: by athena.sjo.atmel.com (4.1/SMI-4.1) id AA15076; Wed, 29 Mar 95 07:59:45 PST Reply-To: sozoa@atmel.com Date: Wed, 29 Mar 95 07:59:45 PST From: sozoa@atmel.com (Steve Ozoa) Message-Id: <9503291559.AA15076@athena.sjo.atmel.com> To: heggli@elsun.ee.htl-bw.ch Subject: Re: Netmask Content-Type: text Content-Length: 1026 X-Lines: 21 Status: RO

The problem with different netmasks is not the box that's doing the routing, but the routing protocol it uses. Sun's in.routed supports RIP version 1, which does not include the netmask in the routing advertisements. That means each host has to know the netmask. You can try replacing routed with gated (public domain, check archie) which supports more routing protocols. Among others, it supports RIP version 2 and OSPF, both of which advertise the netmask.

Other alternatives of course include re-working the network, to reduce the number of subnets.

Or you can try renumbering to the class A network from RFC1597, which would give you more addresses to play with, but that's sure to be a pain (we're renumbering from multiple class C's now, which is bad enough). If you're connected to the Internet, it may also require work on your firewall, to hide the internal addresses.

Steve Ozoa CAD System Administrator 408-436-4292 ATMEL Corporation fax 408-436-4200 sozoa@atmel.com pager 408-233-5966

***************************** End Steve Ozoa ****************** ***************************** Start Michael Myers *************

>From mmyers@willamette.edu Wed Mar 29 18:34 MET 1995 Return-Path: <mmyers@willamette.edu> Received: from earth.willamette.edu by elsun (5.0/SMI-SVR4) id AA21016; Wed, 29 Mar 1995 18:34:21 --100 Received: from minerva.willamette.edu (mmyers@minerva.willamette.edu [158.104.64.1]) by earth.willamette.edu (8.6.10/8.6.4) with ESMTP id IAA27230 for <heggli@elsun.ee.htl-bw.ch>; Wed, 29 Mar 1995 08:35:28 -0800 Received: (mmyers@localhost) by minerva.willamette.edu (8.6.10/8.6.4) id IAA28259; Wed, 29 Mar 1995 08:35:27 -0800 Date: Wed, 29 Mar 1995 08:35:26 -0800 (PST) From: Michael Myers <mmyers@willamette.edu> To: Heggli Beat <heggli@elsun.ee.htl-bw.ch> Subject: Re: Netmask In-Reply-To: <9503280800.AA05259@orakel.ee.htl-bw.ch> Message-Id: <Pine.SUN.3.91.950329082943.27766B-100000@minerva> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset="US-ASCII" Content-Length: 3111 X-Lines: 89 Status: RO

The subnet mask does indeed need to be the same for the entire network unless it's using a completely disjoint set of IP addresses (eg, one network sharing 158.104.x.x and 192.82.120.x, an example from here).

However, why don't you just pick the right number of bits to balance things out? Right now you have an 8 bit subnet and an 8 bits for the machine. Try 7 or 6 bits for the subnet (128 or 64 subnets) and 9 or 10 bits for the machine (512 or 1024 machines).

We currently use 248 (11111000) for our class B mask, giving us 2048 hosts on each of our 32 subnets (I wanted to go with 64 nets and 1024 hosts, but I got voted down).

Best of luck changing the subnet mask. It's a major undertaking. Plan well ahead, get a list of hosts you'll need to muck with, figure out what you'll need to do (exactly) and how to make it stick once it's done then schedule a weekend to take things paritally down.

It's blast..

- Mike

On Tue, 28 Mar 1995, Heggli Beat wrote:

> Hi > > Where else to ask for a network problem then the network ? > We have a class B Network that looks like this > > > Netmask 255.255.255.0 147.86.128.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This was ok for the last two years, but now we need more IP addresses > on the backbone. My idea was to change the netmask to > 255.255.240.0 . This is great, giving me much more addresses where > I need it. This is bad, leaving us only 15 subnets. > With different netmasks within our Network, we could have both: > more addresses on the backbone, 15 subnets each containing > up to 15 subnets. This would look like: > > > Netmask 255.255.240.0 147.86.x.x backbone 10BASE5 > ---------------------------------------------------------- > | | > +---------------+ more hosts, more router > | Sun Router | > +---------------+ > | > Netmask 255.255.255.0 | 147.86.192.x > > > > This would also be cool because I wouldn't have to change all the > netmasks behind the various routers on the backbone. > > But... > > Sun says in its answerbook: (SunOS 5.3) > "If you are going to subnet, you will need to select a network-wide > netmask". - I guess different netmasks on a sun router do not work. > > > So I ask you: > > - has anybody out there a class B network with different netmasks and > would be so kind to tell me, how he has done it? > > - are there other specialized routers, who can manage different netmasks ? > > - can DEC or HP Workstations act as routers with different netmasks ? > > - Is my idea about this subject weird and there are much better solutions for > this problem ? > > > any answer will be appreciated > > Beat Heggli > >

************************** End Michael Myers ****************** ************************** Start Dave Russell *****************

>From russell@mdso.vf.ge.com Thu Mar 30 15:53 MET 1995 Return-Path: <russell@mdso.vf.ge.com> Received: from dekalb.vf.mmc.com by elsun (5.0/SMI-SVR4) id AA25001; Thu, 30 Mar 1995 15:52:43 --100 Received: from franklin.vf.mmc.com (franklin.VF.GE.COM [3.21.24.83]) by dekalb.vf.mmc.com (8.6.11/8.6.10) with ESMTP id IAA18659 for <heggli@elsun.ee.htl-bw.ch>; Thu, 30 Mar 1995 08:53:55 -0500 Received: from sde ([3.9.72.5]) by franklin.vf.mmc.com (8.6.11/8.6.10) with SMTP id IAA07327 for <heggli@elsun.ee.htl-bw.ch>; Thu, 30 Mar 1995 08:53:54 -0500 Received: from sde701.mdso.vf.ge.com by sde (4.1/MMC Sun server D-3.3) id AA07331; Thu, 30 Mar 95 08:49:21 EST Received: by sde701.mdso.vf.ge.com (4.1/GEA Sun client 1.19B) id AA12341; Thu, 30 Mar 95 08:49:20 EST From: russell@mdso.vf.ge.com Date: Thu, 30 Mar 95 08:49:20 EST Message-Id: <9503301349.AA12341@sde701.mdso.vf.ge.com> To: heggli@elsun.ee.htl-bw.ch Subject: Re: Netmask Content-Type: text Content-Length: 599 X-Lines: 10 Status: RO

The basic problem is that the Sun OS cannot handle more than one subnet mask per address.

There really isn't a clean way of doing it. I have a "variable length subnet mask" because I am running OSPF. I have a 2 bit mask for my WAN connections and a 5 bit mask for my ethernets and FDDI rings. The Sun does not know about the 2 bit mask and rejects any routing table updates for such nets. I am running OSPF on the Sun.

There is a bug ID and an RFE for this problem. BUG 1061398 and RFE 1168709

Maybe if enough people complain then Sun will fix this limitation.

Dave Russell Lockheed Martin

************************* End Dave Russell ******************** ************************* Start Steven Dick *******************

>From alfred!nevets.oau.org!ssd@osceola.cs.ucf.edu Thu Mar 30 22:24 MET 1995 Return-Path: <alfred!nevets.oau.org!ssd@osceola.cs.ucf.edu> Received: from osceola.cs.ucf.edu by elsun (5.0/SMI-SVR4) id AA25651; Thu, 30 Mar 1995 22:24:40 --100 Received: from alfred.UUCP by osceola.cs.ucf.edu (4.1/1.34) id AA02328; Thu, 30 Mar 95 15:26:48 EST Received: by alfred.oau.org (/\==/\ Smail3.1.28.1 #28.1) id <m0ruQWd-00002bC@alfred.oau.org>; Thu, 30 Mar 95 15:09 EST Received: by nevets.oau.org (Smail3.1.29.1 #2) id m0ruQOR-0003uTC; Thu, 30 Mar 95 15:00 EST Message-Id: <m0ruQOR-0003uTC@nevets.oau.org> Date: Thu, 30 Mar 95 15:00 EST From: ssd@nevets.oau.org (Steven S. Dick) To: heggli@elsun.ee.htl-bw.ch Subject: Re: Netmask Newsgroups: info.sun-managers In-Reply-To: <9503280800.AA05259@orakel.ee.htl-bw.ch> Organization: enihcam xuniL s'nevetS Cc: Content-Type: text Content-Length: 2554 X-Lines: 49 Status: RO

The real reason for the netmask is to assist in routing, of course.

So, you can set your netmask to *anything* on any machine, as long as the routing still works correctly. :)

Actually, you can set the netmask differently on different machines, but then services that rely on broadcasts (such as rusers) might not work across machines with different netmasks/broadcast addresses.

There are three ways to handle the routing itself; these can be mixed on a WAN if you are careful. 1) Use a netmask specific to each network segment on each ethernet interface. I'm not sure if SunOS supports this--I think it wants a unified netmask on all interfaces, but I might be wrong. Also, if you have subnets in subnets, you may need a netmask specific to a route rather than the interface. I'm sure that SunOS does not support this. 2) Use the "least common" netmask--i.e. the one with the fewest 0 bits. This may result in several "subnets" being on the same physical net. For example, you could have a class B site network address and use a class C netmask on all machines.

If a machine wants to talk to a machine on the same physical segment, but with a different network address according to the netmask, the router should send it an ICMP redirect, and things should work fine. Alternately, you could add static routes to each machine to tell it that several logical nets are on the same physical net for its ethernet interface. Of course, if you add static routes, you must make sure routed is NOT running, or it will wipe them. (If you are running routed, it might discover them and add them anyway.)

Note that this might also prevent broadcasts between logical nets on the same physical net, depending on how you set the broadcast address.

3) Assuming the same physical setup as above, you could use a class B netmask on all machines, and set the router to do proxy arp. With this situation, if a host attempts to contact a machine on a different physical net, the router will recognize the request and send an arp reply pretending that _it_ is the remote host.

I am currently using a net at work that uses both 2 & 3, on different machines and/or different network segments. Personally, I prefer the proxy arp method, as it is the easiest to set up. Unfortunately, one of the routers on my network segment does not support proxy arp, so I have to use method 2 to reach machines on that segment.

Steve ssd@nevets.oau.org

*********************** End Steven Dick ********************** *********************** Start Todd Miller ********************

>From millert@suod.cs.colorado.edu Tue Apr 4 02:42 MET 1995 Return-Path: <millert@suod.cs.colorado.edu> Received: from suod.cs.colorado.edu by elsun (5.0/SMI-SVR4) id AA06525; Tue, 4 Apr 1995 02:42:48 --100 Received: from suod.cs.colorado.edu (localhost.cs.colorado.edu [127.0.0.1]) by suod.cs.colorado.edu (8.6.11/8.6.9) with ESMTP id SAA11468 for <heggli@elsun.ee.htl-bw.ch>; Mon, 3 Apr 1995 18:43:59 -0600 Message-Id: <199504040043.SAA11468@suod.cs.colorado.edu> To: heggli@elsun.ee.htl-bw.ch (Heggli Beat) Reply-To: Todd.Miller@cs.colorado.edu Subject: Re: Netmask In-Reply-To: Your message of "Tue, 28 Mar 1995 10:00:20." <9503280800.AA05259@orakel.ee.htl-bw.ch> References: <9503280800.AA05259@orakel.ee.htl-bw.ch> Date: Mon, 03 Apr 1995 18:43:56 -0600 From: "Todd C. Miller" <Todd.Miller@cs.colorado.edu> Content-Type: text Content-Length: 475 X-Lines: 11 Status: RO

We have a class B address split up into class C sized subnets. Recently we've been migrating to a netmask of ffffffc0 which gives use 4 times as many subnets. You *can* have different netmasks live together happily. However, the BSD networking code can't handle different netmaks on different interfaces on the same machine. This isn't a problem for us since each subnet is connected directly to our cisco router which handles the different netmasks rather well.

- todd

*********************** End Tobb Miller ************************



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:22 CDT