[racktables-users] Re: Overlapping subnets

  • From: Don McMorris <dmcmorris@xxxxxxxxxxxxxx>
  • To: racktables-users@xxxxxxxxxxxxx
  • Date: Sun, 28 Mar 2010 12:49:46 -0400

Bryan Taylor wrote:
> I made two subnets that overlapped a 192.168.2.0/25 and a 192.168.2.0/26. It looks like it split the /26 in half as 192.168.2.24 is the last reserved when viewing the /26 acting as the broadcast from the /25. My question is... why did racktables allow me to do this?

This is a legit practice in subnetting - and arguably the definition of it. Whereas I might, in my organization, use 192.168.0.0/16 as a subnet for Foo Enterprises, I might subnet 192.168.2.0/24 to the Barbaz location. They might further subnet this to 192.168.2.0/25 to be Barbaz R&D and 192.168.2.128/25 to Administrative. Now, Barbaz R&D might further subnet their 192.168.2.0/25 to 192.168.2.0/26 for R&D employees' desktops and 192.168.2.64/26 to product demos.

Why might you do this? In this case, it might not be that good looking... but assuming the 3 segments are layer 1 (cabling) or layer 2 (by VLANs) isolated, the only inter-subnet communication would have to be via layer 3 (IP) routing... So, in this setup, you can use layer 3 firewall rules to restrict access to 192.168.2.128/25 (admin net) from 192.168.2.0/25 (R&D), restrict access from 192.168.2.64/26 (R&D Demo) to 192.168.2.0/25 and 192.168.2.128/25, allow unrestricted access from 192.168.2.0/26 (R&D Desktops) to 192.168.2.64/26 (R&D Demos), and so on.

Hope I understood your question as you intended for it to be understood, and hope this helps!

--Don

--
Don McMorris Jr.
| Operations Manager
| Equinox Software Inc. "The Evergreen Experts"
| Direct: 1.770.709.5569
| Toll-free: 1.877.Open.ILS (1.877.673.6457) x5569
| E-Mail/AIM: dmcmorris@xxxxxxxxxxxxxx
| Web: http://www.esilibrary.com
| Member: ALA (ERT, IFRT, IRRT, SRRT), PLA, LITA
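
The nesting and the layer 3 rules described in the message above, as an added example that is not part of the original post and is not RackTables code. The function names, the rule ordering (most specific first, first match wins) and the default action are assumptions; the prefixes and labels are the ones in the message.

```python
import ipaddress

# Prefixes from the thread; labels follow the reply's hypothetical organization.
ALLOCATIONS = {
    "192.168.0.0/16": "Foo Enterprises",
    "192.168.2.0/24": "Barbaz location",
    "192.168.2.0/25": "Barbaz R&D",
    "192.168.2.128/25": "Barbaz Administrative",
    "192.168.2.0/26": "R&D desktops",
    "192.168.2.64/26": "R&D product demos",
}

# Routed-traffic rules from the reply, most specific first (first match wins).
RULES = [
    ("192.168.2.0/26", "192.168.2.64/26", "allow"),   # desktops -> demos
    ("192.168.2.64/26", "192.168.2.0/25", "deny"),    # demos -> rest of R&D
    ("192.168.2.64/26", "192.168.2.128/25", "deny"),  # demos -> admin
    ("192.168.2.0/25", "192.168.2.128/25", "deny"),   # R&D -> admin
]
DEFAULT_ACTION = "deny"  # assumption: the thread does not state a default


def parent_of(cidr, cidrs=ALLOCATIONS):
    """Closest enclosing allocation of cidr, or None for a top-level prefix."""
    net = ipaddress.ip_network(cidr)
    enclosing = [p for p in map(ipaddress.ip_network, cidrs)
                 if p != net and net.subnet_of(p)]
    return str(max(enclosing, key=lambda p: p.prefixlen)) if enclosing else None


def most_specific(addr, cidrs=ALLOCATIONS):
    """Longest-prefix match: the smallest allocation that contains addr."""
    ip = ipaddress.ip_address(addr)
    matches = [n for n in map(ipaddress.ip_network, cidrs) if ip in n]
    return str(max(matches, key=lambda n: n.prefixlen)) if matches else None


def decide(src, dst):
    """Action for routed traffic from src to dst under the ordered RULES."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, action in RULES:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action
    return DEFAULT_ACTION


if __name__ == "__main__":
    for cidr, label in ALLOCATIONS.items():
        print(f"{cidr:18} {label:22} parent={parent_of(cidr)}")
    print(decide("192.168.2.10", "192.168.2.70"), decide("192.168.2.70", "192.168.2.10"))
```

Because the R&D /25 contains both /26s, the broad "R&D to admin" rule also covers desktops and demos; the allow for desktops to demos has to sit above the broader rules to take effect.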