This gets asked a lot (I mean a WHOLE LOT), and I can understand why, because it isn't that clear from the docs how to do it, and at least one of the commands you need isn't listed in the older docs. Here's my stab at explaining it. All corrections gleefully accepted.
Before we start, why subnet at all? The main reason is to cut down on routing messages and to reduce the size of the routing tables. If you subnet properly so that each of your Portmasters has one subnet for address assignment, then each Portmaster sends one routing message to the rest to say "I have these guys." Without subnetting each Portmaster must send thirty different messages saying "I have this guy, and I have this guy, and ..." Likewise, with proper subnetting each Portmaster has one entry in its routing table for each other Portmaster saying "he has these guys" instead of thirty separate entries each saying "he has this guy, and he has this guy, and ..."
So when do you need to subnet? This seems to be one of those questions that nobody can answer in advance. You need to subnet when your routing messages start being a problem and/or when you start running low on space for the routing tables, but there's no definitive answer on when that will happen. If you only have one Portmaster you do not need to subnet, period. If you have a few Portmasters all connected together with ethernet, then you probably don't need to subnet. If you have a lot of Portmasters connected by ethernet, then you may need to subnet. If you have several Portmasters in different locations connected by leased lines, then you must subnet for the assignment pools to work properly.
Also, if you are subnetting, you must have more than one class C network. A router will assume that the network its ethernet port is connected to is entirely accessible via the ethernet port, and will not generally want to route stuff for that network any other way.
Which makes sense, actually. The router is connected to a local network via the ethernet port, and that's what these network numbers were meant to be numbering -- local networks. If you don't get there via ethernet, then it's a different network and should have a different network number. Or so the thinking seems to go.
But whether you need to subnet now or not, it's a good idea to plan ahead. Once you know how subnetting is done, you can lay out your network so that it will be relatively painless once the time comes. In fact, once you see how it's done you may decide to go ahead and subnet now rather than wait. As it turns out, it really isn't very hard at all.
First you have to decide how to split up your networks. A 27 bit network gives subnets of 30 usable addresses each, and the Portmaster PM-2eR-30 needs a pool of 30 addresses to hand out, so the choice should be obvious in this situation. You will need to fiddle with the numbers here if you need something different.
Wait -- why 30 instead of 32? The first and last address of any network (including a subnet) is reserved. Generally, the low address means the net itself and the high address (or "broadcast address") means all of the systems in the network.
Back to subnetting. Assuming 27 bit subnets, you get eight groups of 30 addresses, and your netmask is:

    255.255.255.224

This lets you carve a single class C network into eight subnets of 30 addresses each, or enough for the assignment pools on eight PM2eR30's or PM2e30's (or some combination).
Use your other class C network (the one you have now) for everything of yours other than Portmaster assignment pools. For that network you either leave it as a normal class C, or you "host route" it by setting a netmask of 255.255.255.255. I don't know which is better because I'm too dense to have understood Megazone's descriptions that far.
In this example, we'll assume two networks, "x.x.x" which is our original class C network, and "y.y.y" which is the class C network we're carving into subnets. Substitute your own real IP addresses, of course!
On our x.x.x network we have assigned addresses as follows:

    IP address  Description
    ==========  ===========
    1           Portmaster #1
    2           Portmaster #2
    3           Portmaster #3
    4           Portmaster #4
    5           Portmaster #5
    6           Portmaster #6
    7           Portmaster #7
    8           Portmaster #8
    10          Primary server
    11          Backup server

On the y.y.y network, the subnets work out as follows:

    Subnet  IP addresses  Description
    ======  ============  ===========
    0       1 - 30        Portmaster #1 assignment pool
    32      33 - 62       Portmaster #2 assignment pool
    64      65 - 94       Portmaster #3 assignment pool
    96      97 - 126      Portmaster #4 assignment pool
    128     129 - 158     Portmaster #5 assignment pool
    160     161 - 190     Portmaster #6 assignment pool
    192     193 - 222     Portmaster #7 assignment pool
    224     225 - 254     Portmaster #8 assignment pool

You'll need to tell your Portmasters that you're subnetting, and which block of IP numbers each is to use for dynamic address assignment. Like so:

Portmaster #1:

    set address x.x.x.1
    set assigned y.y.y.1
    add netmask y.y.y.0 255.255.255.224
    save all

This tells Portmaster #1:

    Its own address is x.x.x.1
    Its assignment pool starts at y.y.y.1
    The y.y.y network is subnetted into 27-bit subnets
    Remember this in the future

Similarly, for Portmaster #2:

    set address x.x.x.2
    set assigned y.y.y.33
    add netmask y.y.y.0 255.255.255.224
    save all

And so on for the rest.
Once the Portmasters know about the subnetting they'll use RIP or OSPF or other netmagic to inform each other about routing, so you should not need to add static routes.
Your servers also need to know about the subnetting, and may need to be told the routing manually, like so:
Primary server:

    ifconfig ef0 inet x.x.x.10
    route add y.y.y.0 -netmask 255.255.255.224 x.x.x.1
    route add y.y.y.32 -netmask 255.255.255.224 x.x.x.2
    route add y.y.y.64 -netmask 255.255.255.224 x.x.x.3
    [et cetera for each Portmaster]

Secondary server:

    ifconfig ef0 inet x.x.x.11
    route add y.y.y.0 -netmask 255.255.255.224 x.x.x.1
    route add y.y.y.32 -netmask 255.255.255.224 x.x.x.2
    route add y.y.y.64 -netmask 255.255.255.224 x.x.x.3
    [et cetera for each Portmaster]

The exact form of the commands on your server is going to depend on your system, so take a good look at what you do now and then modify as needed. Also, if your servers understand RIP or whatever is currently in vogue then you may not need to add the static routes.
A note on routing: The above route commands on the servers assume that all of your Portmasters are on the same ethernet cable. Sometimes it can get a teensy bit more interesting than that. In our own case, Portmaster #3 is connected via frame relay to Portmaster #1. That means that our servers cannot route directly to Portmaster #3, but must route via Portmaster #1 instead, like so:

    route add y.y.y.64 -netmask 255.255.255.224 x.x.x.1

Note that this subnet is routed to x.x.x.1 instead of x.x.x.3, as in the previous example. That's because from the point of view of the servers that's how to reach the place where that subnet is located.
You should be able to extrapolate from the above to add additional Portmasters, up to eight in all. To add more, get another class C network and configure as above, substituting the new net number where appropriate.
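
The whole layout above can be generated rather than typed by hand. The following is an added example, not part of the original page: it carves the pool network into 27-bit subnets and emits the Portmaster commands and server routes in the form shown above, including the frame relay case where one Portmaster is reached through another. The function name plan, its via parameter, and the networks 192.0.2.0/24 (standing in for x.x.x) and 198.51.100.0/24 (standing in for y.y.y) are assumptions made for the example.

```python
import ipaddress

def plan(own_net, pool_net, count, prefix=27, via=None):
    """Lay out `count` Portmasters, one subnet of `pool_net` each.

    via maps a Portmaster number to the Portmaster the servers must route
    through to reach it (the frame relay case); the default is direct.
    """
    via = via or {}
    own = ipaddress.ip_network(own_net)
    pool = ipaddress.ip_network(pool_net)
    subnets = list(pool.subnets(new_prefix=prefix))
    if count > len(subnets):
        raise ValueError(f"{pool_net} only holds {len(subnets)} /{prefix} subnets")
    rows = []
    for n, sub in enumerate(subnets[:count], start=1):
        hosts = list(sub.hosts())  # skips the reserved first and last address
        first, last = str(hosts[0]), str(hosts[-1])
        hop = own.network_address + via.get(n, n)
        rows.append({
            "subnet": str(sub.network_address),
            "pool": (first, last),
            "portmaster": [
                f"set address {own.network_address + n}",
                f"set assigned {first}",
                f"add netmask {pool.network_address} {sub.netmask}",
                "save all",
            ],
            "route": f"route add {sub.network_address} -netmask {sub.netmask} {hop}",
        })
    return rows

if __name__ == "__main__":
    # Constructed stand-ins for x.x.x and y.y.y; Portmaster #3 sits behind #1.
    layout = plan("192.0.2.0/24", "198.51.100.0/24", 8, via={3: 1})
    for n, row in enumerate(layout, start=1):
        print(f"Portmaster #{n}: pool {row['pool'][0]} - {row['pool'][1]}")
        for cmd in row["portmaster"]:
            print("   ", cmd)
        print("    server:", row["route"])
```

Asking for a ninth Portmaster raises an error, which is the point at which you need another class C network.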