route a range of subnets

route a range of subnets

Post by Lightyea » Thu, 24 Apr 2003 18:28:54



Hi,

How to route a packet with destination of range
10.0.13.0/24 - 10.0.72/24 (only) through 10.0.2.253
gateway?

Lightyear

 
 
 

route a range of subnets

Post by Lightyea » Thu, 24 Apr 2003 18:42:40



> How to route a packet with destination of range
> 10.0.13.0/24 - 10.0.72.0/24 (only) through 10.0.2.253
> gateway?

Is giving a netmask of 17 the only way in this case?
e.g. route add -net 10.0.0.0/17 gw 10.0.2.253

I find it to result in a huge range of subnets, while
I only want 10.0.13. - 10.0.72.

Any other alternatives?

Lightyear

 
 
 

route a range of subnets

Post by Cedric Blanche » Thu, 24 Apr 2003 18:44:06


Dans sa prose, Lightyear nous ecrivait :

Quote:> How to route a packet with destination of range
> 10.0.13.0/24 - 10.0.72/24 (only) through 10.0.2.253
> gateway?

Gni ?

        route add -net 10.0.13.0/24 gw 10.0.2.253
        route add -net 10.0.72.0/24 gw 10.0.2.253

I'm quite puzzled...

--
 Un inconnu du nom de Mailer-Daemon re?oit mes mails. Comment cela est
 possible ? Comment l'eviter. Rpondre trs rapidement, car mon mois
 d'essai se termine ce soir, et je suis trs inquiete de ce piratage ?
 -+- Exorcisme dans le GNU - Satan l'habite, son bit l'attend -+-

 
 
 

route a range of subnets

Post by Cedric Blanche » Thu, 24 Apr 2003 18:44:31


Dans sa prose, Lightyear nous ecrivait :

Quote:> Is giving a netmask of 17 the only way in this case?
> e.g. route add -net 10.0.0.0/17 gw 10.0.2.253
> I find it to result in a huge range of subnets, while
> I only want 10.0.13. - 10.0.72.
> Any other alternatives?

Set 2 routes. Why limitating yourself to 1 only rule ?

--
Bon, bien s?r, il n'y a aucun contr?le d'erreurs, mais je le ferais quand
j'aurais le temps.
-+- CG in Debian-french : "les informaticiens ont encore frapp" -+-

 
 
 

route a range of subnets

Post by jack » Thu, 24 Apr 2003 18:58:13



>>How to route a packet with destination of range
>>10.0.13.0/24 - 10.0.72.0/24 (only) through 10.0.2.253
>>gateway?

> Is giving a netmask of 17 the only way in this case?
> e.g. route add -net 10.0.0.0/17 gw 10.0.2.253

> I find it to result in a huge range of subnets, while
> I only want 10.0.13. - 10.0.72.

What does Your "-" mean here? - Does it say "10.0.13, .14,.. ,.72",
or does it say "net 10.0.13/24 and net 10.0.73/24"?

In the former case, the rule You posted (netmask /17) is exactly
what You want. If it is the latter, You would be better off adding
two rules like "route add -net 10.0.13/24 gw 10.0.2.253", and
the same with "-net 10.0.73/24".

Quote:> Any other alternatives?

You could review Your network topology and ask Yourself why You have
chosen these address ranges. - Most of those routing-related problems
come from poor network design.

Cheers, Jack.

--
----------------------------------------------------------------------
My personal reading of the string "MicroSoft" expands to "NanoWeak"...

 
 
 

route a range of subnets

Post by Lightyea » Thu, 24 Apr 2003 18:56:20



>    route add -net 10.0.13.0/24 gw 10.0.2.253
>    route add -net 10.0.72.0/24 gw 10.0.2.253

> I'm quite puzzled...

What i mean is a range of subnets, e.g.
10.0.13.0, 10.0.14.0, 10.0.15.0, ...., 10.0.71.0, 10.0.72.0

Lightyear

 
 
 

route a range of subnets

Post by Cedric Blanche » Thu, 24 Apr 2003 19:00:30


Dans sa prose, Lightyear nous ecrivait :

Quote:>> I'm quite puzzled...
> What i mean is a range of subnets, e.g.
> 10.0.13.0, 10.0.14.0, 10.0.15.0, ...., 10.0.71.0, 10.0.72.0

OK. Then you have two solutions.

First, you can find a subnet that covers the whole range, which is done
using 10.0.0.0/17. But, it may not cover your needs.

Second, you implement a set of routes that covers the range, but only the
range. You can use wonderful netmask tool to calculate them :


      10.0.13.0/24
      10.0.14.0/23
      10.0.16.0/20
      10.0.32.0/19
      10.0.64.0/21
      10.0.72.0/24

--
 Mvscp2 sur Dreamcast c'est comme un trip 640x480 sur une geforce2
 -+- GaVaGe in GPJ: Bad Trip en vue -+-

 
 
 

route a range of subnets

Post by Lightyea » Thu, 24 Apr 2003 19:08:03



> What does Your "-" mean here? - Does it say "10.0.13, .14,.. ,.72",
> or does it say "net 10.0.13/24 and net 10.0.73/24"?

Yep this is what I mean.

Quote:> In the former case, the rule You posted (netmask /17) is exactly
> what You want. If it is the latter, You would be better off adding
> two rules like "route add -net 10.0.13/24 gw 10.0.2.253", and
> the same with "-net 10.0.73/24".

>> Any other alternatives?

> You could review Your network topology and ask Yourself why You have
> chosen these address ranges. - Most of those routing-related problems
> come from poor network design.

Thanks. that's what i thought, by giving a netmask of /17. I agree that it
might be a poor network design. The range becomes too wide.

Since the upper-most limit of the range is 10.0.72.0, I'm thinking to
reject these subnets in the routing table:
10.0.112.0/20 with (01110000) in 3rd octet
10.0.80.0/20 with (01010000) in 3rd octet
10.0.96.0/20 with (01100000) in 3rd octet

I'm not sure if this approach is appropriate, though.

Thanks a lot,

Lightyear

 
 
 

route a range of subnets

Post by Lightyea » Thu, 24 Apr 2003 19:16:25




>       10.0.13.0/24
>       10.0.14.0/23
>       10.0.16.0/20
>       10.0.32.0/19
>       10.0.64.0/21
>       10.0.72.0/24

This is great! Thanks a lot!
I've never seen this 'netmask' tool before.
I'm searching for it now :)

Cheers,

Kelvin

 
 
 

route a range of subnets

Post by Lightyea » Fri, 25 Apr 2003 07:57:19



> Second, you implement a set of routes that covers the range, but only the
> range. You can use wonderful netmask tool to calculate them :

I have to ask, where did you get this tool from?
Been trying to search for it. But no luck.

Lightyear

 
 
 

route a range of subnets

Post by D. Stuss » Fri, 25 Apr 2003 09:49:08



> How to route a packet with destination of range
> 10.0.13.0/24 - 10.0.72/24 (only) through 10.0.2.253
> gateway?

First of all, you can fold certain combinations of that range (as CIDR):

10.0.13/24      10.0.14/23      10.0.16/20      10.0.32/19      10.0.64/21
10.0.72/24

Therefore, you will have only 6 route statements to incur.  Unfortunately, the
version of the route command I have wants a netmask, not a CIDR specification.

        route add -net 10.0.x.0 netmask 255.255.y.0 gw 10.0.2.253

"X" and "Y" vary according to the entry.  A route to 10.0.2.253 must already
exist for these commands to be valid.

If there were alot of disjoint ranges, sometimes it's more efficient to define
the general routing rule and the exceptions.

 
 
 

route a range of subnets

Post by D. Stuss » Fri, 25 Apr 2003 10:00:13




> >>How to route a packet with destination of range
> >>10.0.13.0/24 - 10.0.72.0/24 (only) through 10.0.2.253
> >>gateway?

> > Is giving a netmask of 17 the only way in this case?
> > e.g. route add -net 10.0.0.0/17 gw 10.0.2.253

> > I find it to result in a huge range of subnets, while
> > I only want 10.0.13. - 10.0.72.

> What does Your "-" mean here? - Does it say "10.0.13, .14,.. ,.72",
> or does it say "net 10.0.13/24 and net 10.0.73/24"?

Why is that an issue?  The dash clearly means then entire range - i.e. 15,616
IP addresses.

Quote:> In the former case, the rule You posted (netmask /17) is exactly
> what You want. If it is the latter, You would be better off adding
> two rules like "route add -net 10.0.13/24 gw 10.0.2.253", and
> the same with "-net 10.0.73/24".

Wrong.  The /17 may have the desired effect of routing that range via that
gateway, but it also routes addresses NOT IN THAT RANGE to that same gateway,
and that's why it's wrong.

Quote:> > Any other alternatives?

> You could review Your network topology and ask Yourself why You have
> chosen these address ranges. - Most of those routing-related problems
> come from poor network design.

That much is true.
 
 
 

route a range of subnets

Post by Cedric Blanche » Fri, 25 Apr 2003 18:17:35


Dans sa prose, Lightyear nous ecrivait :


>> You can use wonderful netmask tool to calculate them :
> I have to ask, where did you get this tool from?

apt-get install netmask

Seems to be quite Debian specific. No URL in docs...

--
  Ouaih ! P*tain ! L'examen d'entre, il est vachement dur.
  Michel Guillou + Kabal-du samedi soir
  -+- MG in: Guide du Cabaliste Usenet - Infiltrer-la-Cabale HOWTO -+-