Great Circle Associates Firewalls
(August 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: To Subnet or not?
From: Brian Hatch <bri @ ifokr . org>
Date: Mon, 12 Aug 1996 18:39:13 -0500 (CDT)
To: Paul Harrison <pah @ esoft . co . uk>
Cc: firewalls @ greatcircle . com
In-reply-to: <199608121536 . QAA28159 @ paris . esoft . co . uk> 
On Mon, 12 Aug 1996, Paul Harrison wrote:

+All the references on this soft of setup assume that you are doing packet
+forwarding from something like 192.100.100.1 to 192.100.99.1, but I only have a
+class C from my ISP and cannot affort to loose the half my IP addresses that
+subnetting would cause.

Well, the main two things you can do are (as has been previously meantioned)
subnet it, or if you'd rather, use one of the officially
blessed 'internal' (ie non-internet propagatable) network number
for the internal side.  If I remember correctly, they're (from RFC 1597)

class a		10.0.0.0

class b		172.16.0.0 to
		172.31.0.0

class c		192.168.0.0 to
		192.168.254.0


Use one of these for the internal interface, and you won't have to subnet 
at all.  


						 Bri
--
bri @
 ifokr .
 org
Systems and Security Engineer
Onsight, Inc.  http://www.avue.com/
Follow-Ups:
References:
Indexed By Date Previous: RE: Supporting Internet Relay Chat CTCP and DCC.
From: "Fernando da Silveira Montenegro" <silveira @ nutec . com . br>
Next: USENIX Symposium Firewalls BOF Notes
From: "Steve Lodin" <swlodin @ eng . delcoelect . com>
Indexed By Thread Previous: To Subnet or not?
From: Paul Harrison <pah @ esoft . co . uk>
Next: Re: To Subnet or not?
From: Rabid Wombat <wombat @ mcfeely . bsfs . org>
Google
 
Search Internet Search www.greatcircle.com