IP Routing Question

Monty J. Harder dmonster at juno.com
Tue Jan 2 22:17:33 CST 2001 

On Tue, 2 Jan 2001 16:02:39 -0600 (EST) Gerald Combs <gerald at zing.org>
writes:

> > been upgraded to support "uneven" subnetting.  But that's still 4

> I've been wracking my brain to remember when "typical router
> hardware"
> _didn't_ support subnetting.  I can't.  For the most part, the only

Key word is in quotes there.  I understand that some earlier versions
of ROSes could only subnet "evenly".  In my example, there are 11
"subnets", and you'd have to use a subnet mask that allowed the largest
possible subnet to exist, wasting scads of IP addresses in the process.

> each end of a point-to-point link.  Most router manufacturers will let
you
> configure "unnumbered" connections to facilitate this.  Not many
dedicated
> links use this functionality, however.  Every dedicated circuit I've[2]

This is pretty much what I suspected:  You =can= do it, but hardly
anyone =does= it.

>  1  192.168.0.1  0.691 ms  0.534 ms  0.527 ms
>  2  10.24.72.1  8.292 ms  9.283 ms  11.745 ms
>  3  24.94.161.65  8.912 ms  9.213 ms  14.562 ms
>
>     [ ... ]
>
> 192.168.0.1 is the inside address of my firewall.  10.24.72.1 is

... not the outside address.  I'm starting to see why people might not
want to do this.  I'd want the public IP addresses of the routers
reported.

> the
> address of Time Warner's equipment, which is on the public
> Internet[3].

But a 10.x address is private.  Looks like TW is setting up their own
NAT subnet, which  is a good idea for them WRT enforcing the TOS
prohibition against running a server.  Hard to do that if you don't have
a public IP address to run on.

>   you're very careful.  Suppose you and your ISP both use addresses
> in the
>   10/8 block for public links.  Now suppose you're using a  dynamic

In this case, I'd switch to one of the other private IP spaces.  I only
used the Ten-Dots to make the scheme really easy to follow.

> - Troubleshooting can be more difficult and/or painful.  What
> happens when
>   someone tries to traceroute across your network?  What happens
> when
>   _you_ try to traceroute across your network?

That was the only thing I could think of that would break.  But each
machine has a public IP it can report to traceroute.  I just don't know
if the server side of traceroute is written to do things this way.

More information about the Kclug mailing list