Dave Williams wrote, On Sat, 15 Jul 2000

I need to extend my school's network beyond the 254 IP numbers I'm using - based on 172.19.50.x

This network includes a router which links through an ISDN line to an LEA proxy server.

Is the best way to achieve this to split the network into 2 segment and use a Linux machine and Masquerading to link them together.

ie.- leave the bulk of the machines on 172.19.50.x use 192.168.0.x for the others use two NICs in the Linux machine, 1 for each subnet Install masquerading

Will this allow the machines on 192.168.0.x to access *all* the services on the main network?

Dave Williams --

Um, couldn't you cheat a bit and drop down a couple of digits for the mask? ie 255.255.255.0 becomes 255.255.250.0 I've seen it done once before, a while a go mind. Please feel free to tell me off. paul I've tried to give them up. But I'm back on the sigs again.

The simplest way would be to extend the range by using a different netmask - I assume you are currently using 255.255.255.0 . The default for 172.19.0.0 under the old class B system would be a netmask of 255.255.0.0 which would give you up to 65533 possible hosts. A lot of schools in my area are set up with netmask 255.255.252.0 with 10 bits for the host giving a total of up to 1022 hosts. If you are running DHCP then it is very easy to change to suit whatever netmask you decide you need. If you can't or don't want to change the netmasks then you can use a linux box to route between the subnets. You don't need to use masquerading, though, as presumably your router is doing the address translation to the internet for you. If you are using SuSE linux all you need to do is use the modify configuration file option in Yast to set ip_forward to yes. You will have to check the router setup to be sure it matches. _____________________________________ Giles Nunn - Network Manager Carms Schools ICT Development Centre Tel: +44 01239 710662 Fax: 710985 ____________________________________ On Sat, 15 Jul 2000, Dave Williams wrote:

I need to extend my school's network beyond the 254 IP numbers I'm using - based on 172.19.50.x

This network includes a router which links through an ISDN line to an LEA proxy server.

Is the best way to achieve this to split the network into 2 segment and use a Linux machine and Masquerading to link them together.

ie.- leave the bulk of the machines on 172.19.50.x use 192.168.0.x for the others use two NICs in the Linux machine, 1 for each subnet Install masquerading

Will this allow the machines on 192.168.0.x to access *all* the services on the main network?

Dave Williams

is the best way to do this not just to give the new computers ip's in the 172.19.51.x if all you machines have the netmask of 255.255.0.0 then they'll all be able to communicate. Or is there a problem with security? ie you dont want computers in the 172.19.50 subnet to see the new computers? if this is the case give the 172.19.50.x a netmask of 255.255.255.0 and the 172.19.51.x a netmask of 255.255.0.0 now 172.19.51.x can see 172.19.50.x but not vice versa. maybe i've misundestood the problem, but i cant see how masquerading would help. with your suggestion, the router does not need to perform masquerading, it can route packets between 172.19.50.x with 192.168.x.x as it has an ip address on both subnets. hope this helps.

I need to extend my school's network beyond the 254 IP numbers I'm using - based on 172.19.50.x

This network includes a router which links through an ISDN line to an LEA proxy server.

Is the best way to achieve this to split the network into 2 segment and use a Linux machine and Masquerading to link them together.

ie.- leave the bulk of the machines on 172.19.50.x use 192.168.0.x for the others use two NICs in the Linux machine, 1 for each subnet Install masquerading

Will this allow the machines on 192.168.0.x to access *all* the services on the main network?

Dave Williams