- Stupid newbie question
- Posted by thetownrecluse on January 7th, 2005
This is an education situation. I believe I can do this, but not sure
I have multiple machines on a 192.168.100.x switch. All addresses are
static.
For learning purposes I wanted to insert a router between the switch and one
of the computers.
I have subnetted the address space in half with mask 255.255.255.128 on the
machines. I have that up and running.
The router has one interface at 192.168.100. 7 255.255.255.128 and the other
at 192.168.100.130 255.255.255.128.
I can ping all network addresses from the router. From 192.168.100.132
address I can ping the 192.168.100.130.
interface Ethernet0
ip address 192.168.100.130 255.255.255.12
no ip route-cache
no ip mroute-cache
!
interface Ethernet1
ip address 192.168.100.7 255.255.255.128
no ip route-cache
no ip mroute-cache
!
..
..
..
..
ip classless
ip route 192.168.100.0 255.255.255.128 192.168.100.128
ip http server
!
What am I doing wrong?????????
- Posted by Paul Cocker on January 7th, 2005
Don't think you need the route in there (the gateway looks wrong to me
anyhow).
Also I think you'd need
ip subnet-zero
so that you can use the 255.255.255.128 subnet.
"thetownrecluse" <thetownrecluse@hotmail.com> wrote in message
news:9zBDd.251$pZ4.156@newsread1.news.pas.earthlin k.net...
- Posted by thetownrecluse on January 7th, 2005
These are additional settings in the config. I did not add these. They
just showed up during the remainder of the terminal configuration. Please
stick with me until this works I will be eternally grateful.
!
ip subnet-zero
no ip routing
--------------------------------------------------------------------------------------------------------------------------
"Paul Cocker" <pauldavidcocker@yahoo.com> wrote in message
news:crmpa2$ha3$1@news7.svr.pol.co.uk...
- Posted by Paul Cocker on January 7th, 2005
"thetownrecluse" <thetownrecluse@hotmail.com> wrote in message
news
8CDd.410$Ii4.256@newsread3.news.pas.earthlin k.net...
no ip routing doesn't sound right.
try
conf t
ip routing
also get rid of the original route
no ip route 192.168.100.0 255.255.255.128 192.168.100.128
I'm a beginner myself so this might be wrong!
- Posted by Peter on January 8th, 2005
Hi Paul,
Yes, the route statement should point to a valid Next Hop. It does not
appear to be doing that.
You also need a Route statement for the other subnet, again pointing
to a valid next hop.
Nope, that may be required if the network addresses were something like
192.168.0.x (IE the 3rd element was a 0 and you were using class C
masks)...
Provided a Router interface is UP/UP, you should be able to PING all
directly connected devices, but to communicate from devices on one
Router interface THROUGH the router to devices on the other interface,
you need to tell the router what to do with the traffic that comes
into the Router from that interface, AND the reverse flow.
I suspect this should really be -
ip route 192.168.100.0 255.255.255.128 ethernet1
and if you have no other route statements you also need -
ip route 192.168.100.128 255.255.255.128 ethernet0
to cover the reverse direction.
Cheers..........pk.
- Posted by Tom on January 8th, 2005
The router does not need any static routes for networks that are directly
connected.
- Posted by Tom on January 8th, 2005
I presume that your issue is that 192.168.100.132 can only ping
192.168.100.130 but nothing else? Does this PC have a default route or a
static route so that it knows how to get to networks not in its own range?
This static is not needed and is wrong anyway.
As above!
- Posted by Paul Cocker on January 8th, 2005
I think you've been misinformed. 192.168.0.0 255.255.255.128 breaks down
into two subnets
host broadcast range
192.168.0.0 192.168.0.127 192.168.0.1-192.168.0.126
192.168.0.128 192.168.0.255 192.168.0.129-192.168.0.254
The top one is the "all zero's" subnet and the bottom one the "all 1's".
Valid subnets are 2^1 -2 = 0
Only if you use ip subnet-zero are you allowed to use the top and bottom
subnets - in this case both of them.
Before the use of ip subnet-zero you'd have to break it down to
255.255.255.192
giving you
host broadcast range
192.168.0.0 192.168.0.63 192.168.0.1-192.168.0.62
192.168.0.64 192.168.0.127 192.168.0.129-192.168.0.126
192.168.0.128 192.168.0.191 192.168.0.129-192.168.0.190
192.168.0.192 192.168.0.255 192.168.0.193-192.168.0.254
Where the top and bottom subnets are invalid and you'd only get the middle
two. Very wasteful obviously.
If I've misunderstood this please let me know cause it means I need to hit
the books again!
- Posted by Peter on January 8th, 2005
Hi Paul,
If you look at the original section of config that was posted -
then he is using 2 subnets, both based on 192.168.100.x, so "ip
subnet-zero" does not enter into this particular configuration.
Cheers...........pk.
- Posted by Peter on January 8th, 2005
Hi Tom,
Correct, the ROUTER doesn't need any static routes for directly
connected networks, but devices EXTERNAL to the Router (IE those
devices that need to TRANSIT the Router) do. The original post
suggested (although it was not explicitly stated) that there was no
return path provided in the config.
This is because any traffic generated FROM the Router itself uses the
IP address of the output interface as its SOURCE address (unless you
use an extended PING where you can explicitly specify it), and it just
has to do an ARP for the target, so it does not need a specific route
to proceed.
Traffic that enters the Router from an external device DOES need a
specific route for the Router to be able to determine the interface to
use when it exits the Router.
Cheers.................pk.
- Posted by Paul Cocker on January 8th, 2005
"Peter" <SOMEONE@paradise.net.nz> wrote in message
news:41dfb851$1@clear.net.nz...
but 192.168.100.1-126 is the all 0's subnet eg 11111111
11111111 11111111 0 <----- all 0's
and 192.168.100.129-254 is the all 1's subnet eg 11111111
11111111 11111111 1 <------ all 1's
both invalid unless you use ip-subnet zero.
http://www.cisco.com/warp/public/105/40.html
Can someone else jump in here and tell me if I'm crazy or not?
- Posted by Tom on January 8th, 2005
"Peter" <SOMEONE@paradise.net.nz> wrote in message
news:41dfbc4a$1@clear.net.nz...
So you agree that these statements ..
ip route 192.168.100.0 255.255.255.128 ethernet1
ip route 192.168.100.128 255.255.255.128 ethernet0
... are not required in the router config as these are directly connected to
the router and the clients are directly conncted to these networks.
What is required is that the clients on the 192.168.100.0 network have a
route to the 192.168.100.128 network via 192.168.100.7
On the client machines ..
route add 192.168.100.128 netmask 255.255.255.128 192.168.100.7
... and the machine on the 192.168.100.128 network has a route to the
192.168.100.0 network via 192.168.100.130
route add 192.168.100.0 netmask 255.255.255.128 192.168.100.130
- Posted by Tom on January 8th, 2005
"Paul Cocker" <pauldavidcocker@yahoo.com> wrote in message
news:crof54$lok$1@newsg1.svr.pol.co.uk...
The first subnet 192.168.100.0 /25 is the zero subnet and so ' ip-subnet
zero' is required. The second range 192.168.100.128 /25 would normally be a
valid range anyway.
Good link.
- Posted by Peter on January 8th, 2005
Hi Tom,
No, I disagree with that statement, the Routes are needed for "normal"
Router operation. Yes, the Routes are NOT needed ONLY IF the source of
the data flow (EG the PING test) IS from the ROUTER itself. However
the Routes ARE needed for traffic that ENTERS the Router on one
interface, and EXITS the router on another interface. The 2 Networks
are connected to different interfaces on the ROUTER, but the 2
Networks are NOT connected DIRECTLY to each other. The Router still
needs ROUTES defined to complete the connection between its 2
interfaces. This can be done using static routes, or turning on some
form of routing.
If you have a chance, set up a test router just like the above (IE
with 2 interfaces addressed (AND ACTIVE), but without any routes
defined, and then from the Routers perspective, look at "show ip
route". Then add just one specific Network Route and repeat the
display. Take note of the TYPE of route that the router has recoded
against each one. Then try "show ip route connected". Then remove the
static entry and add turn on routing -
router rip
version 2 (required because RIP v1 can't handle subnets).
The Routing protocol will learn about the connected networks and
automatically build the appropriate route table entries. Then do "show
ip route" again. Hopefully that will make things a bit clearer.
Yes, plus a reverse route for the return traffic.
Cheers.........pk.
- Posted by Peter on January 8th, 2005
Hi Paul,
Oops, you are correct, I was thinking of Classful routing, not
subnet-zero for some reason......;-) The use of "ip subnet-zero" has
not been needed since IOS release 12.0, so its not something I have
had to think about for a while.
Sorry about that chief.
Cheers.....pk.
- Posted by S. Gione on January 8th, 2005
I didn't read all the responses, so if this is already answered, ignore it.
I think your subnetting is the source of your problems.
In 192.168.100. 7 255.255.255.128, the host address .7 is not in the .128
subnet. The high order bit (bit 128) is not on ... the host addresses for
that subnet will start with .129 and continue upwards. (Test: if you & 128
and 7, the result is 0)
In 192.168.100.130 255.255.255.12 ... the subnet mask of .12 does not appear
correct. First, the host .130 is in the .128 subnet. (Try 12 & 130 -> 0;
128 & 130 -> 128)
If you're going to subnet the last octet, I would recommend using .128
(which you have) and .64. The .12 would be only useful in a 2-node PPP link
(which may be o.k. for your purposes).
"thetownrecluse" <thetownrecluse@hotmail.com> wrote in message
news:9zBDd.251$pZ4.156@newsread1.news.pas.earthlin k.net...
- Posted by Tom on January 9th, 2005
"Peter" <SOMEONE@paradise.net.nz> wrote in message
news:41e05e4e$1@clear.net.nz...
No, incorrect. You do not need to create static routes to tell a router what
it has 'directly connected'. If you were correct then none of the 800+
routers that I manage would be working right now. You seem to be suggesting
that if traffic enters a routers interface destined for the other interface
then the router will not know what interface to forward that traffic to
without a static route ,
<quote>The Router still needs ROUTES defined to complete the connection
between its 2 interfaces. </quote>
whereas in fact just looking at the routing table shows that it does know.
A Cisco router does not have a 'per interface' routing table. If you have a
directly connected network AND you add a static route for that same network,
that static entry will not be used because its administrative distance will
be higher that the connected route.
Let me demonstrate.
My routers fastethernet0 port has the IP address 10.19.72.1 /24.
interface FastEthernet0
ip address 10.19.72.1 255.255.255.0
So, without any static route for this network present in the routers config,
does the router know where to send traffic destined for the 10.19.72.0 /24
network. Of course it does ..
evilhomer# sh ip route 10.19.72.0
Routing entry for 10.19.72.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
<note the 'distance'
Routing Descriptor Blocks:
* directly connected, via FastEthernet0
Route metric is 0, traffic share count is 1
So when traffic enters my router from another port with a destination
address of 10.19.72.x the router knows that this network is on FastEthernet0
and so that packets are forwarded to that port.
Also note that the metric is 0, as the network is directly connected. So,
according to you if I enter a static route for this network, that static
will show up as the correct route! Let's see ..
evilhomer#conf t
Enter configuration commands, one per line. End with CNTL/Z.
evilhomer(config)#ip route 10.19.72.0 255.255.255.0 FastEthernet0
evilhomer(config)#^Z
evilhomer#sh ip route 10.19.72.0
Routing entry for 10.19.72.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via FastEthernet0 < still using the connected
entry!
Route metric is 0, traffic share count is 1
evilhomer#
So here I have added a static route which is now in my config. However, the
router ignores it and still uses the directly connected entry. Why is this?
Well it's because the static route has an administrative distance of 1 where
as the connected route has a lower distance of 0, and so the lower distance
route is selected. So, I can remove the static and it all still works okay.
In fact, even if I tell the router that this network is now reachable by a
different interface, it will ignore it and choose the connected route. Let's
see if I can bugger up my router by adding an incorrect route for my network
...
evilhomer(config)#ip route 10.19.72.0 255.255.255.0 atm0.1
evilhomer(config)#^Z
evilhomer#sh ip route 10.19.72.1
Routing entry for 10.19.72.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via FastEthernet0
Route metric is 0, traffic share count is 1
Nope. The CONNECTED route prevails!
You only need to add statics for networks that are not connected to the
router but are reachable via another device (when not using routing
protocols of course). If the network is DIRECTLY CONNECTED to the router
then it can forward the traffic received on an interface to ANOTHER
interface based on the information that it has on its directly connected
networks.
So, in the case of the op, his router has two interfaces:
interface Ethernet0
ip address 192.168.100.130 255.255.255.128
no ip route-cache
no ip mroute-cache
!
interface Ethernet1
ip address 192.168.100.7 255.255.255.128
no ip route-cache
no ip mroute-cache
!
If you did a 'sh ip route' on this router, you would see both networks as
'Known via "connected", distance 0, metric 0 (connected, via interface)'
Routing entry for 192.168.100.128/25
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Ethernet0
Route metric is 0, traffic share count is 1
Routing entry for 192.168.100.0/25
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Ethernet1
Route metric is 0, traffic share count is 1
So traffic from an external source entering Ethernet0 destined for
192.168.100.0 /25 would be forwarded to Ethernet1 and traffic entering
Ethernet1 destined for 192.168.100.128 /25 would be forwarded to Ethernet0,
based on the information that the router has about the networks that are
connected directly to its interfaces. This works WITHOUT static routes in
the config.
Yes, without any routes added by me the router still knows about the network
and with routes added the connected route is still selected. This is why I
NEVER add statics for directly connected networks. Never have and never
will!
If you feel the need to add static routes to a router to tell it which
interface has which network then please feel free to do so. However, this
information will not be used by the router as I have demontrated and
therefore is not required.
Regards,
Tom
Then try "show ip route connected". Then remove the
- Posted by Tom on January 9th, 2005
"S. Gione" <sgione@hotmail.com> wrote in message
news:ff_Dd.52253$Ew6.50324@twister.socal.rr.com...
I think that the .12 is a mistype. He actually has ..
interface Ethernet0
ip address 192.168.100.130 255.255.255.128
no ip route-cache
no ip mroute-cache
!
interface Ethernet1
ip address 192.168.100.7 255.255.255.128
no ip route-cache
no ip mroute-cache
!
So his 192.168.100.130 interface is in the 192.168.100.128 /25 network and
the 192.168.100.7 interface is in the 192.168.100.0 /25 network.
- Posted by Tom on January 9th, 2005
"Tom" <chris@nospam> wrote in message
news:0MadnUjEAohC5H3cSa8jmw@karoo.co.uk...
Peter,
Just jumped onto a router that connects my work LAN to a management LAN for
another network. This is ONE router with TWO interfaces and two networks,
192.168.3 and 192.168.204.
interface Ethernet0
description << access to switch mgmt server >>
ip address 192.168.204.253 255.255.255.0
half-duplex
!
interface FastEthernet0
description << IS Management LAN >>
ip address 192.168.3.254 255.255.255.0
speed auto
There are NO static routes on this router. So according to your theory I
should not be able to ping 192.168.204.253 from a device on the
FastEthernet0 network.
From 192.168.3.113 ..
[tom@red tom]$ ping 192.168.204.253
PING 192.168.204.253 (192.168.204.253) 56(84) bytes of data.
64 bytes from 192.168.204.253: icmp_seq=1 ttl=255 time=0.959 ms
64 bytes from 192.168.204.253: icmp_seq=2 ttl=255 time=0.899 ms
64 bytes from 192.168.204.253: icmp_seq=3 ttl=255 time=0.986 ms
How does the router know which inteface to send the packets to once they hit
the 192.168.3.254 interface?
switch_mgmt#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.204.0/24 is directly connected, Ethernet0
C 192.168.3.0/24 is directly connected, FastEthernet0
switch_mgmt#
No static routes required!
Tom.
- Posted by Walter Roberson on January 9th, 2005
In article <0MadnUjEAohC5H3cSa8jmw@karoo.co.uk>, Tom <chris@nospam> wrote:
:<quote>The Router still needs ROUTES defined to complete the connection
:between its 2 interfaces. </quote>
: whereas in fact just looking at the routing table shows that it does know.
:A Cisco router does not have a 'per interface' routing table. If you have a
:directly connected network AND you add a static route for that same network,
:that static entry will not be used because its administrative distance will
:be higher that the connected route.
You are certainly on the right track, but when that statement is
taken in isolation, I do not think it is correct in -all- circumstances.
If you have turned on one of the routing protocols that supports
unequal cost routes, and you 'redistribute connected'
and 'redistribute static' to inject the connected and static routes
into the routing algorithm, then particularily if you had
CEF enabled, then the different administrative distances would
translate into different costs, potentially leading to differential
sharing of the packets to the two different routes.
I'm speaking from theory here, that someone could deliberately
configure IOS -not- to ignore the static entry, but it would have
to be pretty deliberate (either that, or it'd have to be
someone who didn't know what they were doing ;-) )
--
And the wind keeps blowing the angel / Backwards into the future /
And this wind, this wind / Is called / Progress.
-- Laurie Anderson
