Routing between two IP networks on same LAN

Discussion in 'Cisco' started by Christoph Gartmann, Dec 6, 2004.

  1. Hello,

    we use two different IP address ranges, 192.168.1.0 and 10.1.0.0 . A small
    Cisco 2503 is routing between the two networks. Both networks are on the same
    LAN. Each computer on the LAN uses this router as the default gateway. The
    router has IP addresses from both address ranges on the same ethernet
    interface. So far everything is working fine. Of course, if a host from
    10.1.0.0 connects to a computer on 192.168.1.0 it has to contact the router.
    All packets are sent through this router. The question is: is there a way to
    "tell" the two computers to exchange data directly after the initial contact
    via the router?

    Regards,
    Christoph Gartmann

    --
    Max-Planck-Institut fuer Phone : +49-761-5108-464 Fax: -452
    Immunbiologie
    Postfach 1169 Internet: gartmann@immunbio dot mpg dot de
    D-79011 Freiburg, Germany
    http://www.immunbio.mpg.de/home/menue.html
    Christoph Gartmann, Dec 6, 2004
    #1
    1. Advertising

  2. On 06.12.2004 16:46 Christoph Gartmann wrote


    > Hello,
    >
    > we use two different IP address ranges, 192.168.1.0 and 10.1.0.0 . A small
    > Cisco 2503 is routing between the two networks. Both networks are on the same
    > LAN. Each computer on the LAN uses this router as the default gateway. The
    > router has IP addresses from both address ranges on the same ethernet
    > interface. So far everything is working fine. Of course, if a host from
    > 10.1.0.0 connects to a computer on 192.168.1.0 it has to contact the router.
    > All packets are sent through this router. The question is: is there a way to
    > "tell" the two computers to exchange data directly after the initial contact
    > via the router?
    >


    The simplest way would be to tell both computers that they may reach the
    other network directly. In Unix slang:

    e.g. for 192.168.1.1 and 10.1.0.1 botgh on eth0

    10.1.0.1: ip route add 192.168.1.0/24 dev eth0
    192.168.1.1: ip route add 10.1.0.0/16 dev eth0

    That way each host will ARP for addresses for the other network. Even if
    ICMP redirect is configured the router will never ever send an ICMP
    redirect because it doesn't know a better gateway.



    Arnold
    --
    Arnold Nipper, AN45
    Arnold Nipper, Dec 6, 2004
    #2
    1. Advertising

  3. In article <cp2dr5$ahg$>,
    Arnold Nipper <> wrote:
    :On 06.12.2004 16:46 Christoph Gartmann wrote

    :> we use two different IP address ranges, 192.168.1.0 and 10.1.0.0 . A small
    :> Cisco 2503 is routing between the two networks.

    :> The question is: is there a way to
    :> "tell" the two computers to exchange data directly after the initial contact
    :> via the router?


    :The simplest way would be to tell both computers that they may reach the
    :eek:ther network directly. In Unix slang:

    :e.g. for 192.168.1.1 and 10.1.0.1 botgh on eth0

    See also my recent posting

    http://groups.google.ca/groups?selm=covo7l$snn$

    in which I discuss a theoretical mechanism (which works in practice
    for Windows NT systems.)

    --
    Admit it -- you peeked ahead to find out how this message ends!
    Walter Roberson, Dec 6, 2004
    #3
  4. On 06.12.2004 23:07 Walter Roberson wrote


    > In article <cp2dr5$ahg$>,
    > Arnold Nipper <> wrote:
    > :On 06.12.2004 16:46 Christoph Gartmann wrote
    >
    > :> we use two different IP address ranges, 192.168.1.0 and 10.1.0.0 . A small
    > :> Cisco 2503 is routing between the two networks.
    >
    > :> The question is: is there a way to
    > :> "tell" the two computers to exchange data directly after the initial contact
    > :> via the router?
    >
    >
    > :The simplest way would be to tell both computers that they may reach the
    > :eek:ther network directly. In Unix slang:
    >
    > :e.g. for 192.168.1.1 and 10.1.0.1 botgh on eth0
    >
    > See also my recent posting
    >
    > http://groups.google.ca/groups?selm=covo7l$snn$
    >
    > in which I discuss a theoretical mechanism (which works in practice
    > for Windows NT systems.)
    >



    Well, the trick is imho not send ARP requests to a certain address
    (aren't they always sent to ff:ff:ff:ff:ff:ff?) but to make a host aware
    that the other host is on the same LAN so that ARP is used to get the
    MAC address.



    Arnold

    --
    Arnold Nipper, AN45
    Arnold Nipper, Dec 6, 2004
    #4
  5. In article <cp2ron$1q0$>,
    Arnold Nipper <> wrote:

    :Well, the trick is imho not send ARP requests to a certain address
    :(aren't they always sent to ff:ff:ff:ff:ff:ff?)

    ARP requests are always broadcasts, and IP broadcasts are
    always sent out to a MAC address whose traditional hex representation
    would have an odd first byte (01, 03, 05 ... FF). Any modern
    NICs that is not in promiscuous mode will simply ignore any packet with
    a destination MAC address that is not it's own MAC address or one of the
    broadcast MAC addresses, or one of the multicast MAC addresses. If the
    destination MAC is it's own MAC address, then the NIC will kick the
    packet into the IP stack to be dealt with, without itself checking the
    IP. When, though, a NIC sees a broadcast MAC address, the NIC will look
    at the IP destination, and it will check for two special cases:
    the all-one's IP address (255.255.255.255) and the subnet
    broadcast address of any subnet that the NIC has been informed to
    be of interest (e.g., 200.201.202.255 for the 200.201.202/24 subnet.)
    Modern NICs will generally ignore any other packet [other than
    multicasts.] Having the NIC look for the subnet broadcast IP(s) -is-
    mixing layers, but it's a very common optimization.

    Thus, if you are using most modern NICs that are not set promiscuous
    and there is a MAC destination of ff:ff:ff:ff:ff:ff and the
    IP is not 255.255.255.255 and is not the subnet broadcast IP(s),
    then the packet will usually not make it past the NIC to the IP stack.

    In the posting of mine that I referenced, I discussed how *in practice*
    most OS's use the subnet broadcast IP rather than 255.255.255.255,
    but using 255.255.255.255 is legal and is in fact done by
    Windows NT class OS's.

    :but to make a host aware
    :that the other host is on the same LAN so that ARP is used to get the
    :MAC address.

    It depends on the OS. Most Unices that I've used do not appear to
    learn the foreign MAC in such cases, but I haven't done testing
    to see if there are circumstances (sort of putting in routes
    one way or another) under which they will learn the MAC -- e.g.,
    I haven't deliberately configured a Unix machine with a 255.255.255.255
    broadcast IP. My possibly faulty recollection is that for a time
    SunOS used the 255.255.255.255 MAC [that's after the time where
    SunOS used the subnet *base* adddress as the broadcast IP, as
    was permitted in early RFC's but which in practice fell out of
    favour.]

    What I can say from my own experience is that a Cisco PIX is
    happy to deal directly with a Windows NT class machine that has
    contacted it [perhaps a gateway on the way to something else]
    even though the PIX and the NT-class box are set to different
    IP address ranges.

    --
    And the wind keeps blowing the angel / Backwards into the future /
    And this wind, this wind / Is called / Progress.
    -- Laurie Anderson
    Walter Roberson, Dec 7, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gaetano Mendola

    cable between two lan on the same catalist

    Gaetano Mendola, Dec 18, 2003, in forum: Cisco
    Replies:
    0
    Views:
    354
    Gaetano Mendola
    Dec 18, 2003
  2. Siddhartha Jain
    Replies:
    0
    Views:
    534
    Siddhartha Jain
    Mar 31, 2005
  3. Marc Schwartz
    Replies:
    0
    Views:
    472
    Marc Schwartz
    Jun 18, 2005
  4. Ulf Tropp
    Replies:
    2
    Views:
    1,915
  5. apostolis
    Replies:
    0
    Views:
    973
    apostolis
    Jul 11, 2007
Loading...

Share This Page