Stupid newbie question

Discussion in 'Cisco' started by thetownrecluse, Jan 7, 2005.

  1. This is an education situation. I believe I can do this, but not sure

    I have multiple machines on a 192.168.100.x switch. All addresses are
    static.

    For learning purposes I wanted to insert a router between the switch and one
    of the computers.

    I have subnetted the address space in half with mask 255.255.255.128 on the
    machines. I have that up and running.

    The router has one interface at 192.168.100. 7 255.255.255.128 and the other
    at 192.168.100.130 255.255.255.128.

    I can ping all network addresses from the router. From 192.168.100.132
    address I can ping the 192.168.100.130.

    interface Ethernet0
    ip address 192.168.100.130 255.255.255.12
    no ip route-cache
    no ip mroute-cache
    !
    interface Ethernet1
    ip address 192.168.100.7 255.255.255.128
    no ip route-cache
    no ip mroute-cache
    !
    ..
    ..
    ..
    ..
    ip classless
    ip route 192.168.100.0 255.255.255.128 192.168.100.128
    ip http server
    !


    What am I doing wrong?????????
    thetownrecluse, Jan 7, 2005
    #1
    1. Advertising

  2. thetownrecluse

    Paul Cocker Guest

    Don't think you need the route in there (the gateway looks wrong to me
    anyhow).

    Also I think you'd need

    ip subnet-zero

    so that you can use the 255.255.255.128 subnet.




    "thetownrecluse" <> wrote in message
    news:9zBDd.251$...
    > This is an education situation. I believe I can do this, but not sure
    >
    > I have multiple machines on a 192.168.100.x switch. All addresses are
    > static.
    >
    > For learning purposes I wanted to insert a router between the switch and
    > one of the computers.
    >
    > I have subnetted the address space in half with mask 255.255.255.128 on
    > the machines. I have that up and running.
    >
    > The router has one interface at 192.168.100. 7 255.255.255.128 and the
    > other at 192.168.100.130 255.255.255.128.
    >
    > I can ping all network addresses from the router. From 192.168.100.132
    > address I can ping the 192.168.100.130.
    >
    > interface Ethernet0
    > ip address 192.168.100.130 255.255.255.12
    > no ip route-cache
    > no ip mroute-cache
    > !
    > interface Ethernet1
    > ip address 192.168.100.7 255.255.255.128
    > no ip route-cache
    > no ip mroute-cache
    > !
    > .
    > .
    > .
    > .
    > ip classless
    > ip route 192.168.100.0 255.255.255.128 192.168.100.128
    > ip http server
    > !
    >
    >
    > What am I doing wrong?????????
    >
    Paul Cocker, Jan 7, 2005
    #2
    1. Advertising

  3. These are additional settings in the config. I did not add these. They
    just showed up during the remainder of the terminal configuration. Please
    stick with me until this works I will be eternally grateful.

    !
    ip subnet-zero
    no ip routing

    --------------------------------------------------------------------------------------------------------------------------

    "Paul Cocker" <> wrote in message
    news:crmpa2$ha3$...
    > Don't think you need the route in there (the gateway looks wrong to me
    > anyhow).
    >
    > Also I think you'd need
    >
    > ip subnet-zero
    >
    > so that you can use the 255.255.255.128 subnet.
    >
    >
    >
    >
    > "thetownrecluse" <> wrote in message
    > news:9zBDd.251$...
    >> This is an education situation. I believe I can do this, but not sure
    >>
    >> I have multiple machines on a 192.168.100.x switch. All addresses are
    >> static.
    >>
    >> For learning purposes I wanted to insert a router between the switch and
    >> one of the computers.
    >>
    >> I have subnetted the address space in half with mask 255.255.255.128 on
    >> the machines. I have that up and running.
    >>
    >> The router has one interface at 192.168.100. 7 255.255.255.128 and the
    >> other at 192.168.100.130 255.255.255.128.
    >>
    >> I can ping all network addresses from the router. From 192.168.100.132
    >> address I can ping the 192.168.100.130.
    >>
    >> interface Ethernet0
    >> ip address 192.168.100.130 255.255.255.12
    >> no ip route-cache
    >> no ip mroute-cache
    >> !
    >> interface Ethernet1
    >> ip address 192.168.100.7 255.255.255.128
    >> no ip route-cache
    >> no ip mroute-cache
    >> !
    >> .
    >> .
    >> .
    >> .
    >> ip classless
    >> ip route 192.168.100.0 255.255.255.128 192.168.100.128
    >> ip http server
    >> !
    >>
    >>
    >> What am I doing wrong?????????
    >>

    >
    >
    thetownrecluse, Jan 7, 2005
    #3
  4. thetownrecluse

    Paul Cocker Guest

    "thetownrecluse" <> wrote in message
    news:eek:8CDd.410$...
    > These are additional settings in the config. I did not add these. They
    > just showed up during the remainder of the terminal configuration. Please
    > stick with me until this works I will be eternally grateful.
    >
    > !
    > ip subnet-zero
    > no ip routing
    >
    > --------------------------------------------------------------------------------------------------------------------------
    >
    > "Paul Cocker" <> wrote in message
    > news:crmpa2$ha3$...
    >> Don't think you need the route in there (the gateway looks wrong to me
    >> anyhow).
    >>
    >> Also I think you'd need
    >>
    >> ip subnet-zero
    >>
    >> so that you can use the 255.255.255.128 subnet.
    >>
    >>
    >>
    >>
    >> "thetownrecluse" <> wrote in message
    >> news:9zBDd.251$...
    >>> This is an education situation. I believe I can do this, but not sure
    >>>
    >>> I have multiple machines on a 192.168.100.x switch. All addresses are
    >>> static.
    >>>
    >>> For learning purposes I wanted to insert a router between the switch and
    >>> one of the computers.
    >>>
    >>> I have subnetted the address space in half with mask 255.255.255.128 on
    >>> the machines. I have that up and running.
    >>>
    >>> The router has one interface at 192.168.100. 7 255.255.255.128 and the
    >>> other at 192.168.100.130 255.255.255.128.
    >>>
    >>> I can ping all network addresses from the router. From 192.168.100.132
    >>> address I can ping the 192.168.100.130.
    >>>
    >>> interface Ethernet0
    >>> ip address 192.168.100.130 255.255.255.12
    >>> no ip route-cache
    >>> no ip mroute-cache
    >>> !
    >>> interface Ethernet1
    >>> ip address 192.168.100.7 255.255.255.128
    >>> no ip route-cache
    >>> no ip mroute-cache
    >>> !
    >>> .
    >>> .
    >>> .
    >>> .
    >>> ip classless
    >>> ip route 192.168.100.0 255.255.255.128 192.168.100.128
    >>> ip http server
    >>> !
    >>>
    >>>
    >>> What am I doing wrong?????????
    >>>

    >>
    >>

    >
    >


    no ip routing doesn't sound right.

    try

    conf t
    ip routing

    also get rid of the original route

    no ip route 192.168.100.0 255.255.255.128 192.168.100.128


    I'm a beginner myself so this might be wrong!
    Paul Cocker, Jan 7, 2005
    #4
  5. thetownrecluse

    Peter Guest

    Hi Paul,

    > Don't think you need the route in there (the gateway looks wrong to me
    > anyhow).


    Yes, the route statement should point to a valid Next Hop. It does not
    appear to be doing that.

    You also need a Route statement for the other subnet, again pointing
    to a valid next hop.

    > Also I think you'd need
    >
    > ip subnet-zero


    Nope, that may be required if the network addresses were something like
    192.168.0.x (IE the 3rd element was a 0 and you were using class C
    masks)...


    >>I can ping all network addresses from the router. From 192.168.100.132
    >>address I can ping the 192.168.100.130.


    Provided a Router interface is UP/UP, you should be able to PING all
    directly connected devices, but to communicate from devices on one
    Router interface THROUGH the router to devices on the other interface,
    you need to tell the router what to do with the traffic that comes
    into the Router from that interface, AND the reverse flow.

    >>ip route 192.168.100.0 255.255.255.128 192.168.100.128


    I suspect this should really be -
    ip route 192.168.100.0 255.255.255.128 ethernet1

    and if you have no other route statements you also need -
    ip route 192.168.100.128 255.255.255.128 ethernet0
    to cover the reverse direction.

    Cheers..........pk.
    Peter, Jan 8, 2005
    #5
  6. thetownrecluse

    Tom Guest


    > Provided a Router interface is UP/UP, you should be able to PING all
    > directly connected devices, but to communicate from devices on one
    > Router interface THROUGH the router to devices on the other interface,
    > you need to tell the router what to do with the traffic that comes
    > into the Router from that interface, AND the reverse flow.
    >
    > >>ip route 192.168.100.0 255.255.255.128 192.168.100.128

    >
    > I suspect this should really be -
    > ip route 192.168.100.0 255.255.255.128 ethernet1
    >
    > and if you have no other route statements you also need -
    > ip route 192.168.100.128 255.255.255.128 ethernet0
    > to cover the reverse direction.
    >
    > Cheers..........pk.
    >


    The router does not need any static routes for networks that are directly
    connected.
    Tom, Jan 8, 2005
    #6
  7. thetownrecluse

    Tom Guest


    > I can ping all network addresses from the router. From 192.168.100.132
    > address I can ping the 192.168.100.130.


    I presume that your issue is that 192.168.100.132 can only ping
    192.168.100.130 but nothing else? Does this PC have a default route or a
    static route so that it knows how to get to networks not in its own range?


    > interface Ethernet0
    > ip address 192.168.100.130 255.255.255.12
    > no ip route-cache
    > no ip mroute-cache
    > !
    > interface Ethernet1
    > ip address 192.168.100.7 255.255.255.128
    > no ip route-cache
    > no ip mroute-cache
    > !
    > .
    > .
    > .
    > .
    > ip classless
    > ip route 192.168.100.0 255.255.255.128 192.168.100.128
    > ip http server
    > !


    This static is not needed and is wrong anyway.

    >
    > What am I doing wrong?????????
    >


    As above!
    Tom, Jan 8, 2005
    #7
  8. thetownrecluse

    Paul Cocker Guest

    >
    >> Also I think you'd need
    >>
    >> ip subnet-zero

    >
    > Nope, that may be required if the network addresses were something like
    > 192.168.0.x (IE the 3rd element was a 0 and you were using class C
    > masks)...


    I think you've been misinformed. 192.168.0.0 255.255.255.128 breaks down
    into two subnets

    host broadcast range
    192.168.0.0 192.168.0.127 192.168.0.1-192.168.0.126
    192.168.0.128 192.168.0.255 192.168.0.129-192.168.0.254

    The top one is the "all zero's" subnet and the bottom one the "all 1's".
    Valid subnets are 2^1 -2 = 0

    Only if you use ip subnet-zero are you allowed to use the top and bottom
    subnets - in this case both of them.

    Before the use of ip subnet-zero you'd have to break it down to
    255.255.255.192

    giving you

    host broadcast range
    192.168.0.0 192.168.0.63 192.168.0.1-192.168.0.62
    192.168.0.64 192.168.0.127 192.168.0.129-192.168.0.126
    192.168.0.128 192.168.0.191 192.168.0.129-192.168.0.190
    192.168.0.192 192.168.0.255 192.168.0.193-192.168.0.254

    Where the top and bottom subnets are invalid and you'd only get the middle
    two. Very wasteful obviously.

    If I've misunderstood this please let me know cause it means I need to hit
    the books again!
    Paul Cocker, Jan 8, 2005
    #8
  9. thetownrecluse

    Peter Guest

    Hi Paul,

    >>>Also I think you'd need
    >>>
    >>>ip subnet-zero

    >>
    >>Nope, that may be required if the network addresses were something like
    >>192.168.0.x (IE the 3rd element was a 0 and you were using class C
    >>masks)...

    >
    >
    > I think you've been misinformed. 192.168.0.0 255.255.255.128 breaks down
    > into two subnets


    If you look at the original section of config that was posted -

    > interface Ethernet0
    > ip address 192.168.100.130 255.255.255.12
    > no ip route-cache
    > no ip mroute-cache
    > !
    > interface Ethernet1
    > ip address 192.168.100.7 255.255.255.128
    > no ip route-cache
    > no ip mroute-cache


    then he is using 2 subnets, both based on 192.168.100.x, so "ip
    subnet-zero" does not enter into this particular configuration.

    Cheers...........pk.
    Peter, Jan 8, 2005
    #9
  10. thetownrecluse

    Peter Guest

    Hi Tom,

    >>Provided a Router interface is UP/UP, you should be able to PING all
    >>directly connected devices, but to communicate from devices on one
    >>Router interface THROUGH the router to devices on the other interface,
    >>you need to tell the router what to do with the traffic that comes
    >>into the Router from that interface, AND the reverse flow.
    >>
    >>
    >>>>ip route 192.168.100.0 255.255.255.128 192.168.100.128

    >>
    >>I suspect this should really be -
    >>ip route 192.168.100.0 255.255.255.128 ethernet1
    >>
    >>and if you have no other route statements you also need -
    >>ip route 192.168.100.128 255.255.255.128 ethernet0
    >>to cover the reverse direction.
    >>
    >>Cheers..........pk.
    >>

    >
    >
    > The router does not need any static routes for networks that are directly
    > connected.


    Correct, the ROUTER doesn't need any static routes for directly
    connected networks, but devices EXTERNAL to the Router (IE those
    devices that need to TRANSIT the Router) do. The original post
    suggested (although it was not explicitly stated) that there was no
    return path provided in the config.

    This is because any traffic generated FROM the Router itself uses the
    IP address of the output interface as its SOURCE address (unless you
    use an extended PING where you can explicitly specify it), and it just
    has to do an ARP for the target, so it does not need a specific route
    to proceed.

    Traffic that enters the Router from an external device DOES need a
    specific route for the Router to be able to determine the interface to
    use when it exits the Router.

    Cheers.................pk.
    Peter, Jan 8, 2005
    #10
  11. thetownrecluse

    Paul Cocker Guest

    "Peter" <> wrote in message
    news:41dfb851$...
    > Hi Paul,
    >
    >>>>Also I think you'd need
    >>>>
    >>>>ip subnet-zero
    >>>
    >>>Nope, that may be required if the network addresses were something like
    >>>192.168.0.x (IE the 3rd element was a 0 and you were using class C
    >>>masks)...

    >>
    >>
    >> I think you've been misinformed. 192.168.0.0 255.255.255.128 breaks down
    >> into two subnets

    >
    > If you look at the original section of config that was posted -
    >
    > > interface Ethernet0
    > > ip address 192.168.100.130 255.255.255.12
    > > no ip route-cache
    > > no ip mroute-cache
    > > !
    > > interface Ethernet1
    > > ip address 192.168.100.7 255.255.255.128
    > > no ip route-cache
    > > no ip mroute-cache

    >
    > then he is using 2 subnets, both based on 192.168.100.x, so "ip
    > subnet-zero" does not enter into this particular configuration.
    >
    > Cheers...........pk.
    >


    but 192.168.100.1-126 is the all 0's subnet eg 11111111
    11111111 11111111 0 <----- all 0's
    and 192.168.100.129-254 is the all 1's subnet eg 11111111
    11111111 11111111 1 <------ all 1's

    both invalid unless you use ip-subnet zero.

    http://www.cisco.com/warp/public/105/40.html


    Can someone else jump in here and tell me if I'm crazy or not?
    Paul Cocker, Jan 8, 2005
    #11
  12. thetownrecluse

    Tom Guest

    "Peter" <> wrote in message
    news:41dfbc4a$...
    > Hi Tom,
    >
    > >>Provided a Router interface is UP/UP, you should be able to PING all
    > >>directly connected devices, but to communicate from devices on one
    > >>Router interface THROUGH the router to devices on the other interface,
    > >>you need to tell the router what to do with the traffic that comes
    > >>into the Router from that interface, AND the reverse flow.
    > >>
    > >>
    > >>>>ip route 192.168.100.0 255.255.255.128 192.168.100.128
    > >>
    > >>I suspect this should really be -
    > >>ip route 192.168.100.0 255.255.255.128 ethernet1
    > >>
    > >>and if you have no other route statements you also need -
    > >>ip route 192.168.100.128 255.255.255.128 ethernet0
    > >>to cover the reverse direction.
    > >>
    > >>Cheers..........pk.
    > >>

    > >
    > >
    > > The router does not need any static routes for networks that are

    directly
    > > connected.

    >
    > Correct, the ROUTER doesn't need any static routes for directly
    > connected networks, but devices EXTERNAL to the Router (IE those
    > devices that need to TRANSIT the Router) do. The original post
    > suggested (although it was not explicitly stated) that there was no
    > return path provided in the config.
    >
    > This is because any traffic generated FROM the Router itself uses the
    > IP address of the output interface as its SOURCE address (unless you
    > use an extended PING where you can explicitly specify it), and it just
    > has to do an ARP for the target, so it does not need a specific route
    > to proceed.
    >
    > Traffic that enters the Router from an external device DOES need a
    > specific route for the Router to be able to determine the interface to
    > use when it exits the Router.
    >
    > Cheers.................pk.
    >


    So you agree that these statements ..

    ip route 192.168.100.0 255.255.255.128 ethernet1
    ip route 192.168.100.128 255.255.255.128 ethernet0

    ... are not required in the router config as these are directly connected to
    the router and the clients are directly conncted to these networks.

    What is required is that the clients on the 192.168.100.0 network have a
    route to the 192.168.100.128 network via 192.168.100.7

    On the client machines ..

    route add 192.168.100.128 netmask 255.255.255.128 192.168.100.7

    ... and the machine on the 192.168.100.128 network has a route to the
    192.168.100.0 network via 192.168.100.130

    route add 192.168.100.0 netmask 255.255.255.128 192.168.100.130
    Tom, Jan 8, 2005
    #12
  13. thetownrecluse

    Tom Guest

    "Paul Cocker" <> wrote in message
    news:crof54$lok$...
    >
    > "Peter" <> wrote in message
    > news:41dfb851$...
    > > Hi Paul,
    > >
    > >>>>Also I think you'd need
    > >>>>
    > >>>>ip subnet-zero
    > >>>
    > >>>Nope, that may be required if the network addresses were something like
    > >>>192.168.0.x (IE the 3rd element was a 0 and you were using class C
    > >>>masks)...
    > >>
    > >>
    > >> I think you've been misinformed. 192.168.0.0 255.255.255.128 breaks

    down
    > >> into two subnets

    > >
    > > If you look at the original section of config that was posted -
    > >
    > > > interface Ethernet0
    > > > ip address 192.168.100.130 255.255.255.12
    > > > no ip route-cache
    > > > no ip mroute-cache
    > > > !
    > > > interface Ethernet1
    > > > ip address 192.168.100.7 255.255.255.128
    > > > no ip route-cache
    > > > no ip mroute-cache

    > >
    > > then he is using 2 subnets, both based on 192.168.100.x, so "ip
    > > subnet-zero" does not enter into this particular configuration.
    > >
    > > Cheers...........pk.
    > >

    >
    > but 192.168.100.1-126 is the all 0's subnet eg 11111111
    > 11111111 11111111 0 <----- all 0's
    > and 192.168.100.129-254 is the all 1's subnet eg 11111111
    > 11111111 11111111 1 <------ all 1's
    >
    > both invalid unless you use ip-subnet zero.
    >
    > http://www.cisco.com/warp/public/105/40.html
    >
    >
    > Can someone else jump in here and tell me if I'm crazy or not?
    >
    >


    The first subnet 192.168.100.0 /25 is the zero subnet and so ' ip-subnet
    zero' is required. The second range 192.168.100.128 /25 would normally be a
    valid range anyway.

    Good link.
    Tom, Jan 8, 2005
    #13
  14. thetownrecluse

    Peter Guest

    Hi Tom,

    > So you agree that these statements ..
    >
    > ip route 192.168.100.0 255.255.255.128 ethernet1
    > ip route 192.168.100.128 255.255.255.128 ethernet0
    >
    > .. are not required in the router config as these are directly connected to
    > the router and the clients are directly conncted to these networks.


    No, I disagree with that statement, the Routes are needed for "normal"
    Router operation. Yes, the Routes are NOT needed ONLY IF the source of
    the data flow (EG the PING test) IS from the ROUTER itself. However
    the Routes ARE needed for traffic that ENTERS the Router on one
    interface, and EXITS the router on another interface. The 2 Networks
    are connected to different interfaces on the ROUTER, but the 2
    Networks are NOT connected DIRECTLY to each other. The Router still
    needs ROUTES defined to complete the connection between its 2
    interfaces. This can be done using static routes, or turning on some
    form of routing.

    If you have a chance, set up a test router just like the above (IE
    with 2 interfaces addressed (AND ACTIVE), but without any routes
    defined, and then from the Routers perspective, look at "show ip
    route". Then add just one specific Network Route and repeat the
    display. Take note of the TYPE of route that the router has recoded
    against each one. Then try "show ip route connected". Then remove the
    static entry and add turn on routing -
    router rip
    version 2 (required because RIP v1 can't handle subnets).
    The Routing protocol will learn about the connected networks and
    automatically build the appropriate route table entries. Then do "show
    ip route" again. Hopefully that will make things a bit clearer.

    > What is required is that the clients on the 192.168.100.0 network have a
    > route to the 192.168.100.128 network via 192.168.100.7
    >
    > On the client machines ..
    >
    > route add 192.168.100.128 netmask 255.255.255.128 192.168.100.7
    >
    > .. and the machine on the 192.168.100.128 network has a route to the
    > 192.168.100.0 network via 192.168.100.130
    >
    > route add 192.168.100.0 netmask 255.255.255.128 192.168.100.130


    Yes, plus a reverse route for the return traffic.

    Cheers.........pk.
    Peter, Jan 8, 2005
    #14
  15. thetownrecluse

    Peter Guest

    Hi Paul,

    >>>interface Ethernet0
    >>>ip address 192.168.100.130 255.255.255.12
    >>>no ip route-cache
    >>>no ip mroute-cache
    >>>!
    >>>interface Ethernet1
    >>>ip address 192.168.100.7 255.255.255.128
    >>>no ip route-cache
    >>>no ip mroute-cache

    >>
    >>then he is using 2 subnets, both based on 192.168.100.x, so "ip
    >>subnet-zero" does not enter into this particular configuration.
    >>
    >>Cheers...........pk.
    >>

    >
    >
    > but 192.168.100.1-126 is the all 0's subnet eg 11111111
    > 11111111 11111111 0 <----- all 0's
    > and 192.168.100.129-254 is the all 1's subnet eg 11111111
    > 11111111 11111111 1 <------ all 1's
    >
    > both invalid unless you use ip-subnet zero.
    >
    > http://www.cisco.com/warp/public/105/40.html
    >
    >
    > Can someone else jump in here and tell me if I'm crazy or not?


    Oops, you are correct, I was thinking of Classful routing, not
    subnet-zero for some reason......;-) The use of "ip subnet-zero" has
    not been needed since IOS release 12.0, so its not something I have
    had to think about for a while.

    Sorry about that chief.

    Cheers.....pk.
    Peter, Jan 8, 2005
    #15
  16. thetownrecluse

    S. Gione Guest

    I didn't read all the responses, so if this is already answered, ignore it.

    I think your subnetting is the source of your problems.

    In 192.168.100. 7 255.255.255.128, the host address .7 is not in the .128
    subnet. The high order bit (bit 128) is not on ... the host addresses for
    that subnet will start with .129 and continue upwards. (Test: if you & 128
    and 7, the result is 0)

    In 192.168.100.130 255.255.255.12 ... the subnet mask of .12 does not appear
    correct. First, the host .130 is in the .128 subnet. (Try 12 & 130 -> 0;
    128 & 130 -> 128)

    If you're going to subnet the last octet, I would recommend using .128
    (which you have) and .64. The .12 would be only useful in a 2-node PPP link
    (which may be o.k. for your purposes).


    "thetownrecluse" <> wrote in message
    news:9zBDd.251$...
    > This is an education situation. I believe I can do this, but not sure
    >
    > I have multiple machines on a 192.168.100.x switch. All addresses are
    > static.
    >
    > For learning purposes I wanted to insert a router between the switch and

    one
    > of the computers.
    >
    > I have subnetted the address space in half with mask 255.255.255.128 on

    the
    > machines. I have that up and running.
    >
    > The router has one interface at 192.168.100. 7 255.255.255.128 and the

    other
    > at 192.168.100.130 255.255.255.128.
    >
    > I can ping all network addresses from the router. From 192.168.100.132
    > address I can ping the 192.168.100.130.
    >
    > interface Ethernet0
    > ip address 192.168.100.130 255.255.255.12
    > no ip route-cache
    > no ip mroute-cache
    > !
    > interface Ethernet1
    > ip address 192.168.100.7 255.255.255.128
    > no ip route-cache
    > no ip mroute-cache
    > !
    > .
    > .
    > .
    > .
    > ip classless
    > ip route 192.168.100.0 255.255.255.128 192.168.100.128
    > ip http server
    > !
    >
    >
    > What am I doing wrong?????????
    >
    >
    S. Gione, Jan 8, 2005
    #16
  17. thetownrecluse

    Tom Guest

    "Peter" <> wrote in message
    news:41e05e4e$...
    > Hi Tom,
    >
    > > So you agree that these statements ..
    > >
    > > ip route 192.168.100.0 255.255.255.128 ethernet1
    > > ip route 192.168.100.128 255.255.255.128 ethernet0
    > >
    > > .. are not required in the router config as these are directly connected

    to
    > > the router and the clients are directly conncted to these networks.

    >
    > No, I disagree with that statement, the Routes are needed for "normal"
    > Router operation. Yes, the Routes are NOT needed ONLY IF the source of
    > the data flow (EG the PING test) IS from the ROUTER itself. However
    > the Routes ARE needed for traffic that ENTERS the Router on one
    > interface, and EXITS the router on another interface. The 2 Networks
    > are connected to different interfaces on the ROUTER, but the 2
    > Networks are NOT connected DIRECTLY to each other. The Router still
    > needs ROUTES defined to complete the connection between its 2
    > interfaces. This can be done using static routes, or turning on some
    > form of routing.


    No, incorrect. You do not need to create static routes to tell a router what
    it has 'directly connected'. If you were correct then none of the 800+
    routers that I manage would be working right now. You seem to be suggesting
    that if traffic enters a routers interface destined for the other interface
    then the router will not know what interface to forward that traffic to
    without a static route ,

    <quote>The Router still needs ROUTES defined to complete the connection
    between its 2 interfaces. </quote>

    whereas in fact just looking at the routing table shows that it does know.
    A Cisco router does not have a 'per interface' routing table. If you have a
    directly connected network AND you add a static route for that same network,
    that static entry will not be used because its administrative distance will
    be higher that the connected route.

    Let me demonstrate.

    My routers fastethernet0 port has the IP address 10.19.72.1 /24.

    interface FastEthernet0
    ip address 10.19.72.1 255.255.255.0

    So, without any static route for this network present in the routers config,
    does the router know where to send traffic destined for the 10.19.72.0 /24
    network. Of course it does ..

    evilhomer# sh ip route 10.19.72.0
    Routing entry for 10.19.72.0/24
    Known via "connected", distance 0, metric 0 (connected, via interface)
    <note the 'distance'
    Routing Descriptor Blocks:
    * directly connected, via FastEthernet0
    Route metric is 0, traffic share count is 1

    So when traffic enters my router from another port with a destination
    address of 10.19.72.x the router knows that this network is on FastEthernet0
    and so that packets are forwarded to that port.

    Also note that the metric is 0, as the network is directly connected. So,
    according to you if I enter a static route for this network, that static
    will show up as the correct route! Let's see ..

    evilhomer#conf t
    Enter configuration commands, one per line. End with CNTL/Z.
    evilhomer(config)#ip route 10.19.72.0 255.255.255.0 FastEthernet0
    evilhomer(config)#^Z
    evilhomer#sh ip route 10.19.72.0
    Routing entry for 10.19.72.0/24
    Known via "connected", distance 0, metric 0 (connected, via interface)
    Routing Descriptor Blocks:
    * directly connected, via FastEthernet0 < still using the connected
    entry!
    Route metric is 0, traffic share count is 1

    evilhomer#

    So here I have added a static route which is now in my config. However, the
    router ignores it and still uses the directly connected entry. Why is this?
    Well it's because the static route has an administrative distance of 1 where
    as the connected route has a lower distance of 0, and so the lower distance
    route is selected. So, I can remove the static and it all still works okay.

    In fact, even if I tell the router that this network is now reachable by a
    different interface, it will ignore it and choose the connected route. Let's
    see if I can bugger up my router by adding an incorrect route for my network
    ...

    evilhomer(config)#ip route 10.19.72.0 255.255.255.0 atm0.1
    evilhomer(config)#^Z
    evilhomer#sh ip route 10.19.72.1
    Routing entry for 10.19.72.0/24
    Known via "connected", distance 0, metric 0 (connected, via interface)
    Routing Descriptor Blocks:
    * directly connected, via FastEthernet0
    Route metric is 0, traffic share count is 1

    Nope. The CONNECTED route prevails!

    You only need to add statics for networks that are not connected to the
    router but are reachable via another device (when not using routing
    protocols of course). If the network is DIRECTLY CONNECTED to the router
    then it can forward the traffic received on an interface to ANOTHER
    interface based on the information that it has on its directly connected
    networks.

    So, in the case of the op, his router has two interfaces:

    interface Ethernet0
    ip address 192.168.100.130 255.255.255.128
    no ip route-cache
    no ip mroute-cache
    !
    interface Ethernet1
    ip address 192.168.100.7 255.255.255.128
    no ip route-cache
    no ip mroute-cache
    !

    If you did a 'sh ip route' on this router, you would see both networks as
    'Known via "connected", distance 0, metric 0 (connected, via interface)'

    Routing entry for 192.168.100.128/25
    Known via "connected", distance 0, metric 0 (connected, via interface)
    Routing Descriptor Blocks:
    * directly connected, via Ethernet0
    Route metric is 0, traffic share count is 1

    Routing entry for 192.168.100.0/25
    Known via "connected", distance 0, metric 0 (connected, via interface)
    Routing Descriptor Blocks:
    * directly connected, via Ethernet1
    Route metric is 0, traffic share count is 1

    So traffic from an external source entering Ethernet0 destined for
    192.168.100.0 /25 would be forwarded to Ethernet1 and traffic entering
    Ethernet1 destined for 192.168.100.128 /25 would be forwarded to Ethernet0,
    based on the information that the router has about the networks that are
    connected directly to its interfaces. This works WITHOUT static routes in
    the config.

    > If you have a chance, set up a test router just like the above (IE
    > with 2 interfaces addressed (AND ACTIVE), but without any routes
    > defined, and then from the Routers perspective, look at "show ip
    > route". Then add just one specific Network Route and repeat the
    > display. Take note of the TYPE of route that the router has recoded
    > against each one.


    Yes, without any routes added by me the router still knows about the network
    and with routes added the connected route is still selected. This is why I
    NEVER add statics for directly connected networks. Never have and never
    will!

    If you feel the need to add static routes to a router to tell it which
    interface has which network then please feel free to do so. However, this
    information will not be used by the router as I have demontrated and
    therefore is not required.

    Regards,

    Tom



    Then try "show ip route connected". Then remove the
    > static entry and add turn on routing -
    > router rip
    > version 2 (required because RIP v1 can't handle subnets).
    > The Routing protocol will learn about the connected networks and
    > automatically build the appropriate route table entries. Then do "show
    > ip route" again. Hopefully that will make things a bit clearer.
    >
    > > What is required is that the clients on the 192.168.100.0 network have a
    > > route to the 192.168.100.128 network via 192.168.100.7
    > >
    > > On the client machines ..
    > >
    > > route add 192.168.100.128 netmask 255.255.255.128 192.168.100.7
    > >
    > > .. and the machine on the 192.168.100.128 network has a route to the
    > > 192.168.100.0 network via 192.168.100.130
    > >
    > > route add 192.168.100.0 netmask 255.255.255.128 192.168.100.130

    >
    > Yes, plus a reverse route for the return traffic.
    >
    > Cheers.........pk.
    >
    Tom, Jan 9, 2005
    #17
  18. thetownrecluse

    Tom Guest

    "S. Gione" <> wrote in message
    news:ff_Dd.52253$...
    > I didn't read all the responses, so if this is already answered, ignore

    it.
    >
    > I think your subnetting is the source of your problems.
    >
    > In 192.168.100. 7 255.255.255.128, the host address .7 is not in the .128
    > subnet. The high order bit (bit 128) is not on ... the host addresses for
    > that subnet will start with .129 and continue upwards. (Test: if you &

    128
    > and 7, the result is 0)
    >
    > In 192.168.100.130 255.255.255.12 ... the subnet mask of .12 does not

    appear
    > correct. First, the host .130 is in the .128 subnet. (Try 12 & 130 -> 0;
    > 128 & 130 -> 128)


    I think that the .12 is a mistype. He actually has ..

    interface Ethernet0
    ip address 192.168.100.130 255.255.255.128
    no ip route-cache
    no ip mroute-cache
    !
    interface Ethernet1
    ip address 192.168.100.7 255.255.255.128
    no ip route-cache
    no ip mroute-cache
    !

    So his 192.168.100.130 interface is in the 192.168.100.128 /25 network and
    the 192.168.100.7 interface is in the 192.168.100.0 /25 network.
    Tom, Jan 9, 2005
    #18
  19. thetownrecluse

    Tom Guest

    "Tom" <chris@nospam> wrote in message
    news:...
    >
    > "Peter" <> wrote in message
    > news:41e05e4e$...
    > > Hi Tom,
    > >
    > > > So you agree that these statements ..
    > > >
    > > > ip route 192.168.100.0 255.255.255.128 ethernet1
    > > > ip route 192.168.100.128 255.255.255.128 ethernet0
    > > >
    > > > .. are not required in the router config as these are directly

    connected
    > to
    > > > the router and the clients are directly conncted to these networks.

    > >
    > > No, I disagree with that statement, the Routes are needed for "normal"
    > > Router operation. Yes, the Routes are NOT needed ONLY IF the source of
    > > the data flow (EG the PING test) IS from the ROUTER itself. However
    > > the Routes ARE needed for traffic that ENTERS the Router on one
    > > interface, and EXITS the router on another interface. The 2 Networks
    > > are connected to different interfaces on the ROUTER, but the 2
    > > Networks are NOT connected DIRECTLY to each other. The Router still
    > > needs ROUTES defined to complete the connection between its 2
    > > interfaces. This can be done using static routes, or turning on some
    > > form of routing.

    >
    > No, incorrect. You do not need to create static routes to tell a router

    what
    > it has 'directly connected'. If you were correct then none of the 800+
    > routers that I manage would be working right now. You seem to be

    suggesting
    > that if traffic enters a routers interface destined for the other

    interface
    > then the router will not know what interface to forward that traffic to
    > without a static route ,
    >
    > <quote>The Router still needs ROUTES defined to complete the connection
    > between its 2 interfaces. </quote>
    >
    > whereas in fact just looking at the routing table shows that it does

    know.
    > A Cisco router does not have a 'per interface' routing table. If you have

    a
    > directly connected network AND you add a static route for that same

    network,
    > that static entry will not be used because its administrative distance

    will
    > be higher that the connected route.
    >



    Peter,

    Just jumped onto a router that connects my work LAN to a management LAN for
    another network. This is ONE router with TWO interfaces and two networks,
    192.168.3 and 192.168.204.

    interface Ethernet0
    description << access to switch mgmt server >>
    ip address 192.168.204.253 255.255.255.0
    half-duplex
    !
    interface FastEthernet0
    description << IS Management LAN >>
    ip address 192.168.3.254 255.255.255.0
    speed auto

    There are NO static routes on this router. So according to your theory I
    should not be able to ping 192.168.204.253 from a device on the
    FastEthernet0 network.

    From 192.168.3.113 ..

    [tom@red tom]$ ping 192.168.204.253
    PING 192.168.204.253 (192.168.204.253) 56(84) bytes of data.
    64 bytes from 192.168.204.253: icmp_seq=1 ttl=255 time=0.959 ms
    64 bytes from 192.168.204.253: icmp_seq=2 ttl=255 time=0.899 ms
    64 bytes from 192.168.204.253: icmp_seq=3 ttl=255 time=0.986 ms

    How does the router know which inteface to send the packets to once they hit
    the 192.168.3.254 interface?

    switch_mgmt#sh ip route
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
    D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
    E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
    area
    * - candidate default, U - per-user static route, o - ODR
    P - periodic downloaded static route

    Gateway of last resort is not set

    C 192.168.204.0/24 is directly connected, Ethernet0
    C 192.168.3.0/24 is directly connected, FastEthernet0
    switch_mgmt#

    No static routes required!

    Tom.
    Tom, Jan 9, 2005
    #19
  20. In article <>, Tom <chris@nospam> wrote:
    :<quote>The Router still needs ROUTES defined to complete the connection
    :between its 2 interfaces. </quote>

    : whereas in fact just looking at the routing table shows that it does know.
    :A Cisco router does not have a 'per interface' routing table. If you have a
    :directly connected network AND you add a static route for that same network,
    :that static entry will not be used because its administrative distance will
    :be higher that the connected route.

    You are certainly on the right track, but when that statement is
    taken in isolation, I do not think it is correct in -all- circumstances.

    If you have turned on one of the routing protocols that supports
    unequal cost routes, and you 'redistribute connected'
    and 'redistribute static' to inject the connected and static routes
    into the routing algorithm, then particularily if you had
    CEF enabled, then the different administrative distances would
    translate into different costs, potentially leading to differential
    sharing of the packets to the two different routes.

    I'm speaking from theory here, that someone could deliberately
    configure IOS -not- to ignore the static entry, but it would have
    to be pretty deliberate (either that, or it'd have to be
    someone who didn't know what they were doing ;-) )
    --
    And the wind keeps blowing the angel / Backwards into the future /
    And this wind, this wind / Is called / Progress.
    -- Laurie Anderson
    Walter Roberson, Jan 9, 2005
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. kpg

    stupid stupid stupid

    kpg, Oct 26, 2004, in forum: MCSE
    Replies:
    17
    Views:
    815
    T-Bone
    Nov 26, 2004
  2. =?ISO-8859-1?Q?R=F4g=EAr?=
    Replies:
    6
    Views:
    740
  3. Michael P Gabriel

    Stupid is as Stupid Does!

    Michael P Gabriel, Jun 24, 2004, in forum: Digital Photography
    Replies:
    3
    Views:
    370
    stewy
    Jun 26, 2004
  4. john
    Replies:
    0
    Views:
    625
  5. RichA

    The stupid, STUPID 4/3rds versus FF lens B.S.

    RichA, Oct 21, 2010, in forum: Digital Photography
    Replies:
    6
    Views:
    319
    Robert Coe
    Oct 24, 2010
Loading...

Share This Page