Hmmmm, was laying in bed thinking....
| ChrisDfer 2003-04-23, 3:34 am |
| I was trying to go to sleep but I kept on thinking about subnetting. Now I understand how to subnet and why you would subnet if you have real public addresses, but what I don't get is why you want to subnet if you were using just private IP addresses. I mean, wouldn't it be easier not to worry about subnetting in that case? Am I missing something here? I keep thinking back to when I was interning at this place and they had their networks subnetted but they were all private addresses. I wish I would have asked about it now. | |
|
| Subnetting would be used to logically separate networks from each other, reducing broadcast domains, which reduces congestion and increases throughput. Makes your life easier too.
Our teacher said it's not uncommon for an admin to be able to look at one of their IP addresses and tell you exactly what floor or part of town that address is located at.
That's it, in a nutshell, as I understand it. Perhaps someone with more experience will enlighten us further... | |
| edmonds_robert 2003-04-23, 8:26 am |
| quote: Originally posted by beRAD
Subnetting would be used to logically separate networks from each other, reducing broadcast domains, which reduces congestion and increases throughput. Makes your life easier too.
Our teacher said it's not uncommon for an admin to be able to look at one of their IP addresses and tell you exactly what floor or part of town that address is located at.
That's it, in a nutshell, as I understand it. Perhaps someone with more experience will enlighten us further...
beRAD hit the nail on the head. I manage a network that has more than 10 different locations scattered throughout our county. We use the network 172.16.0.0 but subnet it into /24 networks. I can indeed tell you where an address lies by the subnet on which it resides. I have it done by building and floor, making it very easy to track down a problem and isolate that computer if necessary.
The broadcast issue is also important. You want to keep as much traffic as possible "local". Why send broadcasts all across your network to hosts that will never need to "hear" them? | |
| anchor40 2003-04-23, 8:43 am |
| That's part of it, beRAD. This is long, but you asked for it!
We actually use /23's for each floor, so we assign the networks in order of floor occupancy - 10.1.2.0/23 is floor 21 (our first occupied floor), 10.1.4.0/23 is 22nd floor, etc.
Another time it's used (which we also do) is we are a subsidiary, and the parent company, which is HUGE and has over a dozen different subs, has allocated private address space to us, so we don't have to worry about NAT-ing when we interconnect to some of the other subs. Also, the parent company can easily identify any traffic that shouldn't be there, i.e., internal deviant doing a ping-sweep on a subsidiary network. Before this allocated private addressing, we had bits and pieces from all the RFC 1918 ranges. Both sides had a NAT router to prevent the duplicate IPs from squashing each other. It was extremely difficult to implement new projects because of the coordination (parent went through some downsizing, and our contact kept changing!).
Third, summarization. With a good IP address layout, you can drastically reduce the impact to your routing processes with small tables. Real world - we have 2500 users in our corporate offices, over 500 servers (NT, Unix, kitchen sink...), WAN links to our international offices, and they all summarize into one route to the parent company. Internally, our OSPF tables have about 10 routes for all that infrastructure.
Did we need to reduce our OSPF routing to that extreme? No, but it was a by-product of the new addressing scheme the parent needed us to implement.
Fourth, some might argue with me on this one, but just because you can "waste" IP addresses, doesn't mean you should. If you're a small to mid-size shop, with little chance of being bought by a bigger company OR buying another company, then it's probably less important. But it's still good practice to use what you need.
Fifth, don't worry about the fact that you were thinking of subnetting while trying to fall asleep. Some of my best problem solving ideas have woken me up at 2am. To get to sleep I like to count mask bits instead of sheep - /8, /9, /10... by the time I hit /22, I'm usually out!  | |
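An added example, not part of the original thread: the per-floor /23 plan from the post above, used to place an address on a floor (or flag it as outside the plan) and to show how contiguous floor subnets collapse into fewer routes. The floor count of 7 is an assumption; only 10.1.2.0/23 (floor 21) and 10.1.4.0/23 (floor 22) come from the post.

```python
import ipaddress

# From the post: 10.1.2.0/23 is floor 21, 10.1.4.0/23 is floor 22, and so on.
FIRST_NET = ipaddress.ip_network("10.1.2.0/23")
FIRST_FLOOR = 21
FLOORS = 7  # assumed number of occupied floors (not stated in the thread)


def build_plan():
    """Return {network: floor} with one consecutive /23 per floor."""
    plan = {}
    base = int(FIRST_NET.network_address)
    for i in range(FLOORS):
        net = ipaddress.ip_network((base + i * FIRST_NET.num_addresses, 23))
        plan[net] = FIRST_FLOOR + i
    return plan


def floor_for(addr, plan):
    """Floor an address belongs to, or None if it is outside the plan."""
    ip = ipaddress.ip_address(addr)
    for net, floor in plan.items():
        if ip in net:
            return floor
    return None  # unallocated source: worth a closer look in logs


def summarize(plan):
    """Collapse the floor subnets into the fewest covering prefixes."""
    return [str(n) for n in ipaddress.collapse_addresses(plan.keys())]


if __name__ == "__main__":
    plan = build_plan()
    for sample in ("10.1.2.1", "10.1.5.77", "10.1.16.5"):  # constructed samples
        print(sample, "-> floor", floor_for(sample, plan))
    print(len(plan), "floor subnets summarize to", summarize(plan))
```

Starting the plan at 10.1.2.0 leaves the first /23 unaligned with its neighbours, so the seven subnets collapse to three prefixes rather than one; alignment on power-of-two boundaries is what makes a single summary route possible.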
| ChrisDfer 2003-04-23, 10:35 am |
| So anchor40, really the only reason why one would do it in a small environment is to play it safe? In case they were maybe merged into another network?
beRAD: Yeah, I already know how to subnet and why etc... my question was why would you do it if you were using private IPs since there most likely wouldn't be a shortage of them. | |
| edmonds_robert 2003-04-25, 4:42 pm |
| quote: my question was why would you do it if you were using private IPs since there most likely wouldn't be a shortage of them.
You can also subnet for security reasons, even in a small network. For example, say you had a server that only your accounting folks needed to access. You could put them on a subnet by themselves and set up an access control list that would only allow computers from their subnet to access that server.
Now don't start on me. I know that's not the only security you would want on the server, but you get the point. | |
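An added example, not part of the original thread: the subnet-based access control list described in the post above, modelled as ordered first-match rules with an implicit deny. All addresses are constructed for illustration (accounting users on 172.16.20.0/24, the server at 172.16.50.10); the second rule list shows how rule order alone can undo the restriction.

```python
import ipaddress

# Constructed addressing, not taken from the thread.
ACCOUNTING = ipaddress.ip_network("172.16.20.0/24")
SERVER = ipaddress.ip_network("172.16.50.10/32")
ANY = ipaddress.ip_network("0.0.0.0/0")

# Rules are (action, source network, destination network), checked top-down.
ACL = [
    ("permit", ACCOUNTING, SERVER),  # accounting subnet may reach the server
    ("deny", ANY, SERVER),           # nobody else may
    ("permit", ANY, ANY),            # all other traffic is unaffected
]

# Same rules, wrong order: the broad permit matches before the deny.
MISORDERED = [ACL[2], ACL[0], ACL[1]]


def evaluate(src, dst, acl=ACL):
    """Return the action of the first rule matching src -> dst."""
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"  # implicit deny when no rule matches


if __name__ == "__main__":
    cases = [
        ("172.16.20.15", "172.16.50.10"),  # accounting host -> server
        ("172.16.30.15", "172.16.50.10"),  # other subnet -> server
        ("172.16.30.15", "172.16.60.1"),   # other subnet -> elsewhere
    ]
    for src, dst in cases:
        print(src, "->", dst, evaluate(src, dst), "| misordered:",
              evaluate(src, dst, MISORDERED))
```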
| anchor40 2003-04-25, 4:49 pm |
| Good point! Also, departmental VLANs to enable different security needs per department (especially the security users! They can get set to unrestricted access!)
 |