Mike--
Objective:
>
>
> Firewall relevance:
> -------------------
>
> Splitting a C class network in two, in order to create a DMZ.
201.202.203.0
|
|
-------
| |
| |
201.202.203.0-127 201.202.203.128-255
>
> Question:
> ---------
>
> What can go wrong if a 255.255.255.128 netmask is used? RFC 950
> and Comer's "Internetworking With TCP/IP" recommends not using
> subnet masks with all zeros or ones in the subnet's network field.
> With one bit of subnetting, it would obviously be "all 1" or "all 0".
>
> Quote from RFC-950:
>
> It is useful to preserve and extend the interpretation of these
> special addresses in subnetted networks. This means the values
> of all zeros and all ones in the subnet field should not be
> assigned to actual (physical) subnets.
>
The two networks ($ cd /var/yp ; root make passwd groupyou have created would have two big
problems:
1.
> What would be the best solution, when a subnet of > 60 hosts is needed?
> Also, renumbering of the current *.*.*.1 - *.*.*.50 range of machines
> is highly undesirable.
>
> regards,
>
> - Mikael Suokas -
>
_____________________________________________________________________________
R. Todd Truitt Todd .
Truitt @
evolving .
com
Evolving Systems, Inc.
|
|
