
Subnet Mask weirdness 1

Status
Not open for further replies.

LawnBoy

MIS
Mar 12, 2003
2,881
I have this Netopia DSL modem/gateway with the internal IP set as 192.168.1.254. I have 1 client machine connected to it, getting dhcp from the netopia.

Everything works great when the netopia has a 24 bit mask and has handed out a 24 bit mask on dhcp. I.E.,
netopia
192.168.1.254
255.255.255.0
client gets dhcp
192.168.1.1
255.255.255.0

Now, I need that gateway to service a 16 bit mask. So I change it and have:
netopia
192.168.1.254
255.255.0.0
client gets dhcp
192.168.1.1
255.255.0.0

When I change to the 16 bit mask everything seems to work except an outbound pptp VPN. When I set the mask back to /24, the pptp works. Nothing else changes except the subnet mask.

Have I lost my mind, shouldn't this work? Why does this only affect pptp? Browsing, ftp, ssh, everything else is ok.

Please, somebody explain this to me before I splash my brains on the wall.

--
The stagehand's axiom: "Never lift what you can drag, never drag what you can roll, never roll what you can leave.
 
Why are you trying to set a Class B mask on a Class C range?

Class A 1.0.0.0-126.255.255.255 MASK 255.0.0.0
Class B 128.0.0.0-191.255.255.255 MASK 255.255.0.0
Class C 192.0.0.0-223.255.255.255 MASK 255.255.255.0
Class D 224.0.0.0-239.255.255.255 MASK N/A
Class E 240.0.0.0-255.255.255.255 MASK N/A
 
Because the network this will eventually serve was set up that way by a vendor. I've seen the 192.168 block set up with a 16 bit mask many times and it works...

If I am violating the rules, why does it only break pptp?


--
The stagehand's axiom: "Never lift what you can drag, never drag what you can roll, never roll what you can leave.
 
What is the address of your pptp remote end-point?

With a 16 bit mask on a 192.168 network you can run into overlapping networks. If your pptp remote end-point is in the 192.168 address range you will have an overlapping network and it will have problems connecting.
 
The endpoint has a 'natural' address of 192.168.0.253/16. Its pptp server uses 192.168.0.10 and hands out 192.168.0.11 to the pptp client.

Would you explain what you mean by overlap?


--
The stagehand's axiom: "Never lift what you can drag, never drag what you can roll, never roll what you can leave.
 
Since you have set the MASK to 16 bits, your network now covers 192.168.0.0-192.168.255.255, so it overlaps the 192.168.0.0 network at the other end, and since the other end also has a 16 bit mask you have identical networks. So what you end up with is networks that think that the remote is local to its own network and will not be routed out the proper interface.
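
The overlap described in the post above, worked through as an added example (not part of the original thread or any poster's code): a longest-prefix-match lookup over the client's routing table under each mask, using the addresses quoted in the thread. The two-entry table (connected network plus default route) and the function names are assumptions made for the illustration.

```python
import ipaddress

# Addresses quoted in the thread
CLIENT, GATEWAY = "192.168.1.1", "192.168.1.254"
REMOTE = ["192.168.0.253", "192.168.0.10", "192.168.0.11"]

def routing_table(local_ip, mask, gateway):
    """Assumed minimal host table: the connected network and a default route."""
    iface = ipaddress.ip_interface(f"{local_ip}/{mask}")
    return [
        (iface.network, "on-link"),                        # ARP on the LAN, never routed
        (ipaddress.ip_network("0.0.0.0/0"), f"via {gateway}"),
    ]

def lookup(table, dest):
    """Longest-prefix match: the most specific route containing dest wins."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, hop) for net, hop in table if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def same_network(a, b):
    """True when two address/prefix pairs describe the identical network."""
    return ipaddress.ip_interface(a).network == ipaddress.ip_interface(b).network

def decisions():
    """Forwarding decision for each remote address under each mask."""
    out = {}
    for mask in ("255.255.255.0", "255.255.0.0"):
        table = routing_table(CLIENT, mask, GATEWAY)
        for dest in REMOTE:
            out[(mask, dest)] = lookup(table, dest)
    return out

if __name__ == "__main__":
    for (mask, dest), hop in decisions().items():
        print(f"mask {mask:<15} dest {dest:<15} -> {hop}")
    print("identical /16 networks:",
          same_network(f"{CLIENT}/16", "192.168.0.253/16"))
```

With the /24 mask every remote address falls through to the default route; with the /16 mask all three match the connected network and are treated as local.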
 
Why not just use a 10 dot config, with a 20 bit mask or so?
Does the Netopia do static routing or a routing protocol? If it's a routing protocol, then it won't support any subnet masks---only network masks.

Burt
 
LarryTheCucumber said:
networks that think that the remote is local
... and since pptp cuts off the local subnet, no comms. I had not considered that. I've done some more playing around and no, you can't pptp to the same subnet no matter how you try. I wonder if p2tp with split tunnel would let me... It's academic though, I would never be able to implement it.

Burt,
I'm stuck with the ip ranges of these existing networks. I'm trying to monitor 2 dsl modems and 3 firewalls from a single workstation (without changing its ip config), and thought it would be cool if I could test the pptp connections too. Looks like I'll just have to change the monitor's ip to test the pptps.

--
The stagehand's axiom: "Never lift what you can drag, never drag what you can roll, never roll what you can leave.
 
I have done this for remote overlapping networks that I did not control.

This probably won't make sense.

Create a NAT pool for the remote end to use. Configure the local system to use a NAT address for the endpoint and remote devices.

I have only done this on Cisco equipment, I do not know the Netopia equipment.

This does get confusing and complex. Draw it out first to see if this is an option.
 
At this point the Netopia is pretty much bridged out. I'm using Smoothwall for the firewall, and the pptp server is already NATed. But, in order to allow the GRE through the smoothwall, I had to write specific rules allowing GRE to the non-NATed endpoint address. Not sure how to get around that.

It's probably not worth the effort, this was just a convenience thing and not essential. Thanks for the help.

--
The stagehand's axiom: "Never lift what you can drag, never drag what you can roll, never roll what you can leave.
 