1

Possible Duplicate:
How does Subnetting Work?

I'm mainly a programmer. I have no idea beyond some basic theory when it comes to Networking/Administrating.

My university feels that we should course at least the basics in Networking and I'm psyched. It's something incredibly new to me and I'm enjoying the class a lot.

Yesterday was my first day and he posed the following question.

"Since each C-level network can only have a maximum of 254 IP addresses, how could you add 300 machines to a single C-level network?"

I was thinking something like:

192.168.1.1 
192.168.1.2 
192.168.1.3
---
192.168.1.254 (Make this a ROUTER)
    //and inside this router's network I could repeat the following addresses no problem.
    192.168.1.1
    192.168.1.2
    //etc.

Is this what my teacher was talking about? My teacher said this has a special name and we should research what it was called.

Anyone care to share some knowledge? :)

Edit: Maybe I'm not expressing my question clearly enough; I need to have 300 machines all being able to communicate with each other, and all of them being within the same C-level network. (This is a deprecated term you say, what is it called now?)

How could I write this solution down on paper, explaining what I need?

  • 17
    There is no such thing as Classed networks anymore, not "C" nor any other letter. There hasn't been for **16 years now**. Tell your teacher to get with the times. – Chris S Aug 05 '10 at 14:17
  • 3
    @Chris - +1...I can't believe how many people still talk about classed subnets. – Doug Luxem Aug 05 '10 at 14:26
  • @Doug, They're all students; it's becoming increasingly apparent the problem is teachers/books that haven't kept up with technology. You wouldn't teach people about the Internet using DOS 6.21, but that's when Classes were replaced. – Chris S Aug 05 '10 at 15:05
  • 10
    Classed networks may not truly exist, but the letters are still used as shorthand for networks of 8, 16, and 24 bits. Especially 24 bits since those are so common. So yes, CIDR has replaced classes so "Class C" addresses don't technically exist, but the new common usage is for class C to refer to any network consisting of 256 addresses. – Brian Knoblauch Aug 05 '10 at 15:12
  • 7
    @Brian Knoblauch: That'd be a "/24", not a "Class C". "Class C" is dead and buried. Let it go. We pronounce it "/24" today. – Evan Anderson Aug 05 '10 at 16:26
  • 1
    @Chris - See: http://meta.serverfault.com/questions/514/class-based-ip-routing-and-other-obsolete-questions – Mark Henderson Aug 06 '10 at 01:57
  • @Evan in all fairness even today i catch myself *speaking* class a/b/c for /8 /16 /24 ... but that is how i was taught and some things stick ... now writing ... as in this forum ... always slash notation – Zypher Aug 06 '10 at 03:07
  • @Zypher, if you've been doing IP for years, you've got the accolades to occasionally use the classes; people learning this stuff new don't. – Chris S Aug 06 '10 at 03:14

8 Answers

6

Forget the term "Class" relating to IP routing. The term is dead and buried. They're "/8", "/16", and "/24" networks-- not "Class A", etc. If anyone tells you otherwise send them to me.

It sounds like you're asking:

Can I have an entire network of 250-ish hosts behind a NAT router that, in turn, is connected to another network of 250-ish hosts behind ANOTHER NAT router? Something like:

                              Interface                   Interface
                              Ethernet1                   Ethernet1
                              192.168.1.254/24            192.168.1.1/24
                    __________  V               __________  V
((  heap o  ))     |   NAT    | V              |   NAT    |
(( internet )) ----| ROUTER A |----- //// -----| ROUTER B |----- //// -----
((   w00t!  ))   ^ |__________|              ^ |__________|
                 ^                           ^ 
               Interface                   Interface
               Ethernet0                   Ethernet0
               Some Internet IP            192.168.1.1/24

In each of those interstitial networks (represented by the ////) you'd like to pile 250-ish hosts, eh?

First off, you seem to be conflating the terms "router" and "NAT router". Many routers don't do NAT as part of their day-to-day duties. I think you believe that every router translates network addresses, and that's not the case.

You might think this would work. You might think "Gee-- NAT Router B could just 'know' to route packets from the LAN connected to its Ethernet1 interface, bound for the Internet, out to 'NAT Router A'."

It won't work, though. You need some terminology to understand why. See this question and my answer for an excruciating level of detail and come back when you're done.

The way that NAT Router B would "know" where to send packets is based on the network IDs assigned to its interfaces. Both interfaces, Ethernet0 and Ethernet1, have the same network ID assigned (192.168.1.0). Re-using the same network IDs on two different networks and then connecting those networks together isn't going to facilitate communication between those networks. Poor ol' NAT Router B won't know, when it receives a packet on its Ethernet1 interface bound for "192.168.1.254", for example, whether that packet should be sent out interface Ethernet0 or Ethernet1. You might think "Gee-- it arrived on Ethernet1 so it should be sent out Ethernet0", but that's a human assumption and not how an IP router "thinks".

Changing NAT Router B to use addresses from a different subnet (like from 192.168.2.0/24, for example) would allow the configuration to work, insofar as hosts on the 192.168.2.0/24 network could initiate communication to the 192.168.1.0/24 network and the Internet.

                              Interface                   Interface
                              Ethernet1                   Ethernet1
                              192.168.1.254/24            192.168.2.1/24
                    __________  V               __________  V
((  heap o  ))     |   NAT    | V              |   NAT    |
(( internet )) ----| ROUTER A |----- //// -----| ROUTER B |----- //// -----
((   w00t!  ))   ^ |__________|              ^ |__________|
                 ^                           ^ 
               Interface                   Interface
               Ethernet0                   Ethernet0
               Some Internet IP            192.168.1.1/24

It's still a problematic real-world configuration, though. Hosts connected to NAT Router B on the 192.168.2.0/24 network, because of the NAT functionality in NAT Router B, won't be reachable by hosts in the 192.168.1.0/24 network. NAT Router B is effectively "sharing" the 192.168.1.1 IP address for any communication initiated by hosts in 192.168.2.0/24 to other networks (referred to, technically, as "Port Address Translation", or "overloaded NAT"). Incoming connections into the 192.168.2.0/24 network will have to be funneled through the 192.168.1.1 IP address and specific port or protocol forwarding rules would have to be configured on NAT Router B to facilitate this communication.

In corporate networks it's typically desirable to have any host on the network capable (though, perhaps, not allowed) of reaching any other host on the network. In corporate networks you don't just stack up NAT routers like in this example, because you want end-to-end communication throughout the network. You'll often see NAT at the border of the network / Internet, but typically no further NAT inside the network (except in specific places where, if you want it, you'll know why you want it).

Evan Anderson
  • 1
    I think you meant to link http://serverfault.com/questions/49765/how-does-subnetting-work in your answer, and forgot... – Holocryptic Aug 05 '10 at 17:23
  • @Holocryptic: Good catch... I forgot a quotation mark in my HREF... – Evan Anderson Aug 05 '10 at 18:08
  • If we forget the term "Class" it will be hard to understand the RFCs whose purpose it was to deprecate the use of Class A,B,C. Also, there is a company that produces routers that I think still has a command that will allow you to configure their routers to be classful or not. IMHO it is preferable to use CIDR notation. – dbasnett Aug 09 '10 at 13:06
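The forwarding decision described in the answer above, as an added example that is not part of the original post. It is a simplified model of connected-route lookup (longest prefix match over interface networks only); the interface names and addresses come from the two diagrams, and the function names are hypothetical.

```python
import ipaddress

def connected_routes(interfaces):
    """Derive (network, interface) pairs from interface address assignments."""
    return [(ipaddress.ip_interface(addr).network, name)
            for name, addr in interfaces.items()]

def egress_candidates(interfaces, destination):
    """Interfaces whose connected network is the longest match for destination."""
    dst = ipaddress.ip_address(destination)
    matches = [(net.prefixlen, name)
               for net, name in connected_routes(interfaces) if dst in net]
    if not matches:
        return []  # no connected route; a default route would be used if set
    best = max(plen for plen, _ in matches)
    return sorted(name for plen, name in matches if plen == best)

def find_overlaps(interfaces):
    """Interface pairs whose connected networks overlap (a config error)."""
    routes = connected_routes(interfaces)
    return [(a, b) for i, (na, a) in enumerate(routes)
            for nb, b in routes[i + 1:] if na.overlaps(nb)]

# Router B as drawn in the first diagram: same network ID on both sides.
ROUTER_B_OVERLAP = {"Ethernet0": "192.168.1.1/24", "Ethernet1": "192.168.1.1/24"}
# Router B as drawn in the second diagram: inside moved to 192.168.2.0/24.
ROUTER_B_FIXED = {"Ethernet0": "192.168.1.1/24", "Ethernet1": "192.168.2.1/24"}

if __name__ == "__main__":
    for label, cfg in (("overlap", ROUTER_B_OVERLAP), ("fixed", ROUTER_B_FIXED)):
        print(label, "overlaps:", find_overlaps(cfg))
        for dst in ("192.168.1.254", "192.168.2.50"):
            print("  ", dst, "->", egress_candidates(cfg, dst))
```

With the overlapping configuration, 192.168.1.254 matches both interfaces equally, so the lookup has no unique answer; with the second configuration each destination maps to exactly one interface.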
4

You can have as many machines as you want on the network, but only 254 (253 with one as the gateway) can have an IP address in the /24 network.

Alternatively you can use multiple 192.168 Private networks behind a NAT box that uses just 1 IP of the external /24 block. This will not allow external computers to directly access computers in the Private network however; though this is usually good for security.

Edit:
To be clear, it is absolutely not possible to have 300 machines on a single /24 (used to be called a Class C network) all with IPs.

Chris S
4

I'm fairly certain that the concept your teacher is pointing you towards is NAT (Network Address Translation). It's a function performed by a router which allows a (usually private) network to share a (usually public) IP address. This is one of the primary functions of any off the shelf router you use to connect a home network to an Internet connection.

In your example, you cannot repeat usage of the same subnet on the "internal" network.

A brief explanation, given the following configuration:

192.168.1.0/24
|
192.168.1.1 (external interface)
Router performing NAT
192.168.2.1 (internal interface)
|
192.168.2.0/24

The router performing NAT would have hosts behind it on a different subnet (notice the "2" in the 3rd octet). The hosts in the 192.168.2.0/24 network would set the NAT router (192.168.2.1) as their gateway.

When traffic flows through the router, the NAT function "translates" the IP headers, changing the source address to its own "external" IP (192.168.1.1) and forwards the traffic along. It then keeps a table of connection entries, so when the return traffic arrives, it reverses the translation it performed and forwards the reply back to the original sender on the "internal" network.

http://en.wikipedia.org/wiki/Network_address_translation

chuckx
  • 1
    Technically what you have described is Port Address Translation. True NAT has a one for one IP relationship. http://en.wikipedia.org/wiki/Port_address_translation – Scott Lundberg Aug 05 '10 at 16:24
  • Easiest to understand answer and makes sense. :) –  Aug 05 '10 at 16:25
  • @Scott, You're assuming by NAT he means Full Cone NAT, which is 1:1 mapping. PAT is either Address Restricted Cone NAT or (more commonly) Symmetric NAT. NAT is a pretty generic term and PAT is a subset of NAT functionality. – Chris S Aug 05 '10 at 18:50
  • @Chuckx, this still doesn't get 300 hosts on a /24 network, it's not possible. Further, if you use two /24 networks separated by a NAT Router then half will not be able to initiate communication with the other half. This does not solve either of the two constraints in the question. – Chris S Aug 05 '10 at 18:53
  • @Chris, Yes, I am being a stickler, but in this case it matters because if using true NAT (1:1), then it will not increase the number of available hosts, but if you used PAT, then you would be able to get more than 254 hosts on the same /24 network... sort of. Virtually, but not really on the same network. – Scott Lundberg Aug 05 '10 at 22:33
  • @Chris The constraints on the question were part of the asker's interpretation of his teacher's original question. Given the context (an introductory networking class), this seems to be the topic the teacher was hinting at. That's why I started my original answer the way I did ("I'm fairly certain that the concept your teacher is pointing you towards..."). In any case, feedback from the follow-up discussion with his teacher would be welcomed. – chuckx Aug 05 '10 at 23:57
  • @Scott, there's no such thing as "true NAT", that's like saying you drive a "true car" instead of a particular make/model of car. – Chris S Aug 06 '10 at 02:58
  • @Chris. Good point, but in the context of the answer to the OP's question, it makes a big difference. I was pointing out that difference to chuck. – Scott Lundberg Aug 06 '10 at 13:45
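The translation table described in the answer above, as an added example that is not part of the original post. It is a toy model of port address translation using the 192.168.1.1 / 192.168.2.0/24 layout from the answer; the class, its methods, the port numbers and the host addresses are constructed for illustration, and the model does not check the remote endpoint on return traffic.

```python
import itertools

class PatRouter:
    """Toy port address translator: many inside hosts share one outside IP."""

    def __init__(self, outside_ip, first_port=40000):
        self.outside_ip = outside_ip
        self._ports = itertools.count(first_port)
        self.out_map = {}   # (inside_ip, inside_port) -> outside_port
        self.in_map = {}    # outside_port -> (inside_ip, inside_port)

    def forward_port(self, outside_port, inside_ip, inside_port):
        """Static rule so outside hosts can initiate to one inside service."""
        self.in_map[outside_port] = (inside_ip, inside_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the inside network."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            port = next(self._ports)
            self.out_map[key] = port
            self.in_map[port] = key
        return (self.outside_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Reverse the translation for a packet arriving on the outside IP.

        Returns the rewritten packet, or None when no table entry exists
        (an unsolicited connection attempt with no forwarding rule).
        """
        target = self.in_map.get(dst_port)
        if target is None:
            return None
        return (src_ip, src_port, target[0], target[1])

def demo():
    """Constructed traffic: two inside clients, one reply, two inbound tries."""
    nat = PatRouter("192.168.1.1")
    a = nat.outbound("192.168.2.10", 51000, "192.168.1.20", 80)
    b = nat.outbound("192.168.2.11", 51000, "192.168.1.20", 80)
    reply = nat.inbound("192.168.1.20", 80, a[1])
    unsolicited = nat.inbound("192.168.1.20", 4444, 22)
    nat.forward_port(2222, "192.168.2.10", 22)
    forwarded = nat.inbound("192.168.1.20", 4444, 2222)
    return a, b, reply, unsolicited, forwarded

if __name__ == "__main__":
    for item in demo():
        print(item)
```

Two inside hosts using the same source port get distinct outside ports, the reply is mapped back to the original sender, and an inbound connection reaches an inside host only after a forwarding rule exists.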
2

Repeating the same addresses inside is not the way to go, that'll confuse the router. Can't have the same blocks on BOTH sides!

However, a different private block inside the main private block with a router capable of NAT/PAT would work just fine.

Brian Knoblauch
2

I see lots of complex answers here. You made a simple question that has a simple answer: you don't!

"Class C" means a /24 subnet, that means a subnet with 2^(32-24) = 256 IP addresses in it, one of which (the last one) goes for the broadcast address, and one of which should not be used (the first one, also called network address).

If the "machines" you're talking about are actually network hosts able to connect to each other, they are 254. It doesn't make any sense to ask how to put more than X hosts in an X addresses subnet.

It is true that you can connect more than X systems in such a way that they all originate traffic in that subnet, via NAT for example, but then you have other limitations (NATted hosts cannot usually get incoming connections) and you cannot actually do that for everything (remember we're talking about IP, not necessarily restricted to tcp, udp, icmp, igmp).

If you need a subnet capable of keeping at least 300 hosts, you need at least ceil(sqrt(300+2)) bits of address space, that's 9 bits so you need at least a /23.

Luke404
1

Wouldn't you just change the subnet from /24 to /23?

(255.255.255.0 to 255.255.254.0)

That would give you 510 usable addresses from 192.168.1.1 to 192.168.2.254

hydrox467
  • That would no longer be a "Class C" network. More than likely this would cause all kinds of interesting problems with routing. – Chris S Aug 05 '10 at 15:20
  • Since the IP starts with 192, doesn't that make it Class "C" http://en.wikipedia.org/wiki/IPv4_subnetting_reference – hydrox467 Aug 05 '10 at 15:23
  • 2
    @hydrox, no, the mask of 255.255.255.0 is what would be considered a "class C", the IP has little to do with it. – DanBig Aug 05 '10 at 15:41
  • 3
    @Dan. I agree with Hydrox, in the old nomenclature, everything in the range of 192.x.x.x to 223.x.x.x was a class C network. That was the whole point. With CIDR, you are correct /24 makes it a "class C", but that's really using old terminology with new technology. – Scott Lundberg Aug 05 '10 at 16:04
  • 2
    In the original classing system, the two high-order bits determine the Class of the address. Having a netmask of 255.255.255.0 makes it Class C-*sized*, but it doesn't make it Class C. – BMDan Aug 05 '10 at 16:05
  • 1
    In the old class system having a high octet of 192 to 223 **and** a subnet mask of /24 or smaller made it a Class "C". If you used /23 it would then be **two** Class C networks; even though the broadcast domain would traverse both. – Chris S Aug 05 '10 at 18:57
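Sizing a subnet for a host count, as discussed in the two answers above (the 300-host requirement and the move from /24 to /23); this is an added example, not part of the original posts. It counts the host bits needed for hosts + 2 addresses (network and broadcast included) and uses Python's `ipaddress` module to find the aligned block; the function names are hypothetical.

```python
import ipaddress

def smallest_prefix(hosts):
    """Longest IPv4 prefix whose subnet holds `hosts` usable addresses."""
    # hosts + 2 addresses are needed (network + broadcast); the bit length
    # of (hosts + 1) is ceil(log2(hosts + 2)) without floating point.
    host_bits = (hosts + 1).bit_length()
    return 32 - host_bits

def enclosing_subnet(address, hosts):
    """Aligned subnet containing `address` with room for `hosts` hosts."""
    prefix = smallest_prefix(hosts)
    # strict=False masks off host bits, snapping to the block boundary.
    return ipaddress.ip_network(f"{address}/{prefix}", strict=False)

def usable_range(network):
    """First and last assignable host address plus the usable count."""
    first = network.network_address + 1
    last = network.broadcast_address - 1
    return str(first), str(last), network.num_addresses - 2

def same_subnet(a, b, prefix):
    """True when both addresses fall inside the same /prefix block."""
    net_a = ipaddress.ip_network(f"{a}/{prefix}", strict=False)
    net_b = ipaddress.ip_network(f"{b}/{prefix}", strict=False)
    return net_a == net_b

if __name__ == "__main__":
    print("prefix for 300 hosts: /%d" % smallest_prefix(300))
    for start in ("192.168.1.0", "192.168.2.0"):
        net = enclosing_subnet(start, 300)
        print(start, "->", net, usable_range(net))
    print("192.168.1.1 and 192.168.2.254 share a /23:",
          same_subnet("192.168.1.1", "192.168.2.254", 23))
```

A /23 block starts on an even third octet, so the block containing 192.168.1.x is 192.168.0.0/23 and the one containing 192.168.2.x is 192.168.2.0/23.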
1

How can all you network gurus miss the obvious? The answer the teacher obviously wants is to install Windows Internet Connection Sharing on some of the computers. Or maybe add a USB network to some computers? ;-)

But seriously, it could be a trick question. Are we assuming that all 300 computers are switched on/connected simultaneously? If not, then maybe the expected answer is DHCP

jqa
0

You could cheat.

You cannot have 300 machines that can each communicate unrestrictedly with the other 299 machines on a 255.255.255.0 subnet using IP addresses. This has been mentioned above, and bears repeating.

However, you CAN have 300 machines all with IP addresses in that 255.255.255.0 subnet (some with duplicates) AND in the same broadcast domain (which you don't have with a NAT router) AND able to communicate with a subset of the remaining 299 machines such that that subset contains unique IP addresses IF you use static ARP entries.

Take this simple three machine network, with MAC addresses 00:00:00:00:00:0A through 00:00:00:00:00:0C corresponding to machines A, B, and C.

A has IP 1.1.1.1, and static ARP entry for 1.1.1.2 pointing to 00:00:00:00:00:0C
B has IP 1.1.1.2
C has IP 1.1.1.2

B and C can't talk to each other (not a unique subset).
A can't talk to B because it won't ARP for 1.1.1.2.
A CAN talk to C because it won't ARP for 1.1.1.2 and get confusing multiple replies.

And the reason we don't do this is because it is impossible to manage, so now you can forget that I said this.

Slartibartfast