[TriLUG] Routing question

Greg Brown gwbrown1 at gmail.com
Thu Apr 14 09:49:49 EDT 2011


+1 for IPv6.  But that said I agree with Ryan's assessment that ranges in
the 172.16.0.0/16 are far less used than 192.168.x.0/24 with the most used
range being 192.168.1.0/24.  I'd set the VPN lan to something weird,
172.16.192.0/24 or something.. granted you could always run into a conflict
but you are certainly more likely to find a conflict using 192.168.1.0/24 on
your VLAN lan.

Greg

On Thu, Apr 14, 2011 at 9:45 AM, Ryan Leathers <rleathers at americanri.com>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If the whole world used IPv6 you'd be set. You could do your part in
> getting there by setting up IPv6 on the networks within your control.
>
> Another possibility is to use some portion of the RFC1918 address space
> on your private networks that is less likely to be in conflict. I find
> that things in the class B allocation (172.16.0.0/12) are less often
> used, so if you are not ready to make the leap to IPv6 then pick an
> address space from this range for your private networks and you will
> tend to avoid the problem you described.
>
> Lastly, rely on 'order of specificity' in routing tables. Routing tables
> always look for the most specific route to a destination. This means
> that when we subnet we can have (EXAMPLE) one route to 192.168.1.0/24
> and another route to 192.168.1.64/26. Both will work, but the hosts
> .65-.126 will be reachable via whatever their next hop is while the rest
> of the host addresses from 192.168.1.0 are avilable via a different next
> hop. The more specific route always trumps a less specific one. Make
> sense? Now be careful with this because certain dynamic routing
> protocols don't like you to route subnets this way.
>
>
>
>
>
>
>
> On 4/14/2011 8:52 AM, Brian McCullough wrote:
> > I suspect that this is fairly easily solved, but I can't seem to get my
> head around this.
> >
> > I sometimes want to connect to a VPN from one of my machines ( usually a
> laptop ) while at, for instance, Panera's.  Unfortunately, perhaps, the
> remote LAN uses 192.168 addresses, which sometimes conflict with the "home"
> address range given to the laptop.
> >
> > I am using PPTP from the laptop, and as long as the address ranges don't
> conflict, everything is fine.
> >
> > I tried setting a "Local IP" address on the PPP connection, and that
> seemed to work, at least as far as the address of that port was concerned.
>  Unfortunately, of course, I still didn't understand how to set up the
> routing for that path, because, for instance, there is a machine local to
> the laptop that has the address 192.168.1.123 while one of the machines that
> I want to access on the remote LAN has the address 192.168.1.123.
> >
> > I don't think that I can reset the default route so that ALL of the
> traffic goes through the tunnel -- Internet traffic, for instance, would
> still travel through the "local" network, not the remote one.
> >
> > Knowing this group, I am sure that there are several someones who know
> exactly how to cure this problem.
> >
> > Help?
> >
> >
> > Thanks,
> > Brian
> >
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJNpvqPAAoJEJLVDQqFfMajxQ0H/iFzTrizyqmTrBOTj+UpQbX2
> v+yef7/ExMu0QRojN1pC/rICZ41dT3rFNRKH2BfFJJQaEhFq4qjS/X0QCexkT3X3
> Kf9HoTF4jA+sOPkU0fBA4u2mSoox/qtUm3LgTL33V00aeRc4tc9B5TaDf4/mRfJr
> W03y7ftpxjUSPmD8yTaBDR5oesYcMCCe/OhynU8NhKpj2l07fVXNLRZKXn/RYeGF
> ebl7ZnTShv4cofEqdyEOJDKmdoOmwEbIUqr79qo9YXsOJfngjES/73/STe3DVXrO
> itZutzavFhYB84pPG9PT4ulIP7TvzRYZjIHBSPQsRnaWNcPDh8HNTyTKw0q44iI=
> =Hs2o
> -----END PGP SIGNATURE-----
> --
> This message was sent to: Greg Brown <gwbrown1 at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> http://www.trilug.org/mailman/options/trilug/gwbrown1%40gmail.com
> TriLUG FAQ          :
> http://www.trilug.org/wiki/Frequently_Asked_Questions
>



More information about the TriLUG mailing list