[isalist] Re: Isa 2004 and CIDR?

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Wed, 12 Jul 2006 11:17:19 -0500

http://www.ISAserver.org
-------------------------------------------------------

That's what I said. :P

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx 
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor 
> (Hammer of God)
> Sent: Wednesday, July 12, 2006 10:15 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Isa 2004 and CIDR?
> 
> http://www.ISAserver.org
> -------------------------------------------------------
>   
> Actually, the mask designates the Network ID.  This from the 
> RFC itself:
> 
> 3. Private Address Space
> 
>    The Internet Assigned Numbers Authority (IANA) has reserved the
>    following three blocks of the IP address space for private 
> internets:
> 
>      10.0.0.0        -   10.255.255.255  (10/8 prefix)
>      172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
>      192.168.0.0     -   192.168.255.255 (192.168/16 prefix)
> 
>    We will refer to the first block as "24-bit block", the second as
>    "20-bit block", and to the third as "16-bit" block. Note that (in
>    pre-CIDR notation) the first block is nothing but a single class A
>    network number, while the second block is a set of 16 contiguous
>    class B network numbers, and third block is a set of 256 contiguous
>    class C network numbers.
> 
> So there. ;)
> 
> t
> 
> 
> On 7/12/06 8:09 AM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> 
> spoketh to
> all:
> 
> > http://www.ISAserver.org
> > -------------------------------------------------------
> > 
> > It's actually a network ID, not a sub-network ID
> > 
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://blogs.isaserver.org/shinder/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > 
> >  
> > 
> >> -----Original Message-----
> >> From: isalist-bounce@xxxxxxxxxxxxx
> >> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor
> >> (Hammer of God)
> >> Sent: Wednesday, July 12, 2006 10:07 AM
> >> To: isalist@xxxxxxxxxxxxx
> >> Subject: [isalist] Re: Isa 2004 and CIDR?
> >> 
> >> http://www.ISAserver.org
> >> -------------------------------------------------------
> >>   
> >> Well, to be pedantic, 1918 specifies 192.168.0.0 as a "block"
> >> of 256 C-Class
> >> subnets, not as a subnet in itself.  So you really can't call
> >> 192.168 a /16
> >> subnet.
> >> 
> >> t
> >> 
> >> 
> >> On 7/12/06 7:57 AM, "Jim Harrison" <jim@xxxxxxxxxxxx> 
> spoketh to all:
> >> 
> >>> http://www.ISAserver.org
> >>> -------------------------------------------------------
> >>>   
> >>> 1. Per RFC 1918, 192.168 is a /16 subnet; not a /24.
> >>> 2. ISA will not care so long as you define the network properly.
> >>> 
> >>> Sent via WM5-enabled PPC-phone
> >>> 
> >>> -----Original Message-----
> >>> From: "Taps" <Taps@xxxxxxxxxxxx>
> >>> To: isalist@xxxxxxxxxxxxx
> >>> Sent: 7/11/06 18:47
> >>> Subject: [isalist] Isa 2004 and CIDR?
> >>> 
> >>> http://www.ISAserver.org
> >>> -------------------------------------------------------
> >>>   
> >>> I know this is going to sound like a silly question, but I
> >> cant find any
> >>> information confirming or denying this:
> >>> 
> >>> We are currently using a 192.168.140.0/24 subnet in our internal
> >>> network.  Recently, we have started using VMWare to do
> >> support of some
> >>> of our customers.  We like to have duplicate setups of
> >> their servers in
> >>> our virtual environment. At the extreme, our customers have
> >> 7 separate
> >>> servers per site which we duplicate.  We have recently
> >> acquired many new
> >>> customers and about half our what we term "multi-site".  So
> >> there is a
> >>> possiblity of 14 or 21 servers.  Each of which needing a static IP
> >>> address (because of the stupid way the software is written).
> >>> 
> >>> With the addition of these, plus the rest of our network,
> >> we are running
> >>> out of IP Addresses.  I am thinking of dropping the subnet
> >> mask back to
> >>> a /23 or /22.  To give me a usable range of
> >>> 192.168.140.1-192.168.143.254.
> >>> 
> >>> I realizing because of CIDR, the theory of 192.x.x.x 
> needing to be a
> >>> classC isnt an absolute anymore.  But before I go through
> >> and make any
> >>> changes, I was wondering if anyone could confirm or deny
> >> that ISA will
> >>> handle this without any major issues.
> >>> 
> >>> Before you ask, yes, I plan on testing this before I roll
> >> it out.  But
> >>> that wont be for a while.  I figured if anyone had tried something
> >>> similar they could clue me in on any issues that they might
> >> have had.
> >>> If someone has tried it and it just wont work, then I will
> >> find another
> >>> alternative.
> >>> 
> >>> And yes, switching to a 10.x.x.x address was considered.  
> But again,
> >>> with the way some of the software was written, the IP
> >> addresses would
> >>> need to stay the same.
> >>> 
> >>> 
> >>> 
> >>> --
> >>> 
> >>> Taps@xxxxxxxxxxxx
> >>> http://Taps.Iniquity.Org
> >>> -  "What spirit is so empty and blind, that it cannot
> >> recognize the fact
> >>> that the foot is more noble than the shoe, and skin more
> >> beautiful than
> >>> the garment with which it is clothed?"
> >>>  -- Michaelangelo
> >>> 
> >>> -  "Build a man a fire, and he'll be warm for a day. Set a man on
> >>> 
> >>> 
> >>> All mail to and from this domain is GFI-scanned.
> >>> 
> >>> ------------------------------------------------------
> >>> List Archives: //www.freelists.org/archives/isalist/
> >>> ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> >>> ISA Server Articles and Tutorials:
> >>> http://www.isaserver.org/articles_tutorials/
> >>> ISA Server Blogs: http://blogs.isaserver.org/
> >>> ------------------------------------------------------
> >>> Visit TechGenix.com for more information about our other sites:
> >>> http://www.techgenix.com
> >>> ------------------------------------------------------
> >>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> >>> Report abuse to listadmin@xxxxxxxxxxxxx
> >>> 
> >>> 
> >>> 
> >> 
> >> 
> >> ------------------------------------------------------
> >> List Archives: //www.freelists.org/archives/isalist/
> >> ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> >> ISA Server Articles and Tutorials:
> >> http://www.isaserver.org/articles_tutorials/
> >> ISA Server Blogs: http://blogs.isaserver.org/
> >> ------------------------------------------------------
> >> Visit TechGenix.com for more information about our other sites:
> >> http://www.techgenix.com
> >> ------------------------------------------------------
> >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> >> Report abuse to listadmin@xxxxxxxxxxxxx
> >> 
> >> 
> >> 
> > ------------------------------------------------------
> > List Archives: //www.freelists.org/archives/isalist/
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server Articles and Tutorials:
> > http://www.isaserver.org/articles_tutorials/
> > ISA Server Blogs: http://blogs.isaserver.org/
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> > 
> 
> 
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/  
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
> ISA Server Articles and Tutorials: 
> http://www.isaserver.org/articles_tutorials/ 
> ISA Server Blogs: http://blogs.isaserver.org/ 
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com 
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
> Report abuse to listadmin@xxxxxxxxxxxxx 
> 
> 
> 
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » [isalist] Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?
• » [isalist] Re: Isa 2004 and CIDR?

1. Home
2. isalist
3. Archive
4. 07-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---