supernets; usage of multiple routers

By jobeard
Feb 10, 2007
  1. Techrepublic has a nice description of supernets; a means to add network devices
    without the necessity of extra ROUTE ADD configurations (which does not work in XP/Home).
    From Techrepublic: Why would I want to use supernetting?
    ISPs frequently use supernetting to allocate IP addresses most effectively. There may be scenarios where you have many LANS, WLANs, or VLANs that might be optimally suited for supernetting to best administer your network needs. Keep in mind that supernetting introduces complexity to network administration that needs thorough planning, testing, documentation, and administrator competence.

    Most new routing equipment and current operating systems support CIDR in their implementation of the TCP/IP protocol. However, before a supernetting implementation, it is critical to ensure that all components of your network are supernetting-aware. This includes operating systems, network services, routers, routing protocols (RIP2, for example does not support CIDR), and any network-based services used on your network.​

    While the usual 254 devices are sufficient for most of us, the assumption is there's only one router.
    Adding multiple routers is wasteful UNLESS there's a specific need, such as adding wireless support
    to a wired network (another alternative is an Access Point).

    The advantage of a second router is grouping devices and controlling access
    via firewall rules;
    eg You would very much like to protect your wireless subnet (a.b.d.0 in this example)
    so as to exclude all uninvited systems
    allow all on subnet a.b.c.0 << your wired subnet
    allow only a.b.d.2 << your wireless laptop
    deny all a.b.d.0 << your wireless subnet
    the ordering is significant in the rules and ensure that only the system at
    a.b.d.2 will be allowed access to the system which has these firewall rules.

    But getting the discrete IP addresses to flow is a prerequisite to this kind of control.
    The secret is the subnet mask.

    see article details here
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...