Re: [SLUG] Firewall/router question

From: Greg Schmidt (slugmail@gschmidt.net)
Date: Thu Nov 14 2002 - 16:17:46 EST


On Thu, 14 Nov 2002, Smitty wrote:

> I am setting up my old linux box as a firewall/ router with an ethernet
> connection to the new box and isp. Is there a particular address I would use
> to designate the new box?
> Smitty
>
RFC 1918
http://www.ietf.org/rfc/rfc1918.txt

In chapter 3 it says:

The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:

     10.0.0.0 - 10.255.255.255 (10/8 prefix)
     172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
     192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

I've usually seen that large corporate networks use the 10.x.y.z address
space which, when subnetted into smaller networks, gives them sufficient
flexibility. Most home LANs (including mine) use 192.168.y.z, typically
with a 255.255.255.0 (24 bit) subnet mask. I don't think I'll ever have
more than 254 hosts on a subnet. I don't think I'll ever have more than
254 subnets either. Currently I have 2 subnets, 192.168.100.0/24 and
192.168.200.0/24. Occasionally, I bring up a 192.168.150.0/24 or others
to play with new toys. Also, many people use the .1 address for the
gateway.

So the LAN-facing interface on your firewall could be:
Address: 192.168.100.1
Mask: 255.255.255.0
Broadcast: 192.168.100.255
Network: 192.168.100.0
The WAN-facing interface on your firewall would presumably be assigned by
your ISP's DHCP server.

The interface on your workstation that faces your new firewall could be:
Address: 192.168.100.50
Mask: 255.255.255.0
Broadcast: 192.168.100.255
Network: 192.168.100.0
Gateway: 192.168.100.1

If I'm running a DHCP server for that subnet I usually hold the bottom of
the address range back for static address devices and let DHCP hand out
the upper addresses. Something like 192.168.100.1 through 50 for static
and 192.168.100.51 through 192.168.100.250 for DHCP.
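
The addressing plan in the message above can be checked mechanically. The following is an added example, not part of the original post: it derives the network and broadcast values from an address and mask, confirms the subnet sits inside an RFC 1918 block, and verifies that statically addressed hosts stay out of the DHCP pool. The function names `describe_interface` and `check_plan` are hypothetical.

```python
import ipaddress

# The three private blocks listed in RFC 1918, chapter 3.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def describe_interface(address, mask):
    """Derive network/broadcast for address+mask; reject non-private space."""
    iface = ipaddress.ip_interface(f"{address}/{mask}")
    net = iface.network
    if not any(net.subnet_of(block) for block in RFC1918):
        raise ValueError(f"{net} is not inside an RFC 1918 private block")
    if iface.ip in (net.network_address, net.broadcast_address):
        raise ValueError(f"{iface.ip} is the network or broadcast address")
    return {"address": str(iface.ip), "mask": str(net.netmask),
            "network": str(net.network_address),
            "broadcast": str(net.broadcast_address),
            "usable_hosts": net.num_addresses - 2}


def check_plan(gateway, mask, static_range, dhcp_range, hosts=()):
    """Return a list of problems with a LAN addressing plan (empty = OK)."""
    net = ipaddress.ip_interface(f"{gateway}/{mask}").network
    s_lo, s_hi = (ipaddress.ip_address(a) for a in static_range)
    d_lo, d_hi = (ipaddress.ip_address(a) for a in dhcp_range)
    problems = []
    for name, lo, hi in (("static", s_lo, s_hi), ("DHCP", d_lo, d_hi)):
        if lo > hi or lo not in net or hi not in net:
            problems.append(f"{name} range is not inside {net}")
    # Two closed ranges overlap when each starts before the other ends.
    if s_lo <= d_hi and d_lo <= s_hi:
        problems.append("static and DHCP ranges overlap")
    # The gateway and every statically configured host must be on the
    # subnet and must not collide with addresses the DHCP server hands out.
    for h in (gateway, *hosts):
        ip = ipaddress.ip_address(h)
        if ip not in net:
            problems.append(f"{h} is outside {net}")
        elif d_lo <= ip <= d_hi:
            problems.append(f"{h} is static but sits in the DHCP pool")
    return problems


if __name__ == "__main__":
    # Values taken from the message above.
    print(describe_interface("192.168.100.1", "255.255.255.0"))
    print(check_plan("192.168.100.1", "255.255.255.0",
                     ("192.168.100.1", "192.168.100.50"),
                     ("192.168.100.51", "192.168.100.250"),
                     hosts=["192.168.100.50"]))
```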


