Re: Subnet Mask Question
From: Chris Buxton
Date: Wednesday, August 26, 1998
Time: 10:26:00 am

>So if he sets up QDNS records for IPs outside the domain range he's
>authoritative for, those requests never reach his QDNS because they're
>routed somewhere else?
That is mostly correct. The exception is for machines that are set to use
his DNS server as a resolver.
However, there are two issues here: routing and name/address resolution. It
is perfectly legal (in the DNS sense) to have authoritative DNS entries for
addresses you don't own. In such a case, you're authoritative for addresses
on somebody else's network.
From the routing point of view, if your customer has actual machines on his
network that have addresses both above and below 128, there's something
wrong. In a 25-bit subnet (one that has the mask you describe), there are 126
available addresses: either xx.xx.xx.1 through xx.xx.xx.126, or
xx.xx.xx.129 through xx.xx.xx.254.
Note that some routers don't like this setup, most notably those from Cisco
(though my experience with Cisco is a few years out of date). The problem
is that some routers consider the first and last subnets of any subnet
group to be unusable. This means that a 25-bit subnet isn't usable for
dividing a class-C network.
For example, when splitting up a class-C network with a 26-bit subnet (with a
mask of 255.255.255.192), there are four different address spaces, with the
following ranges:
xx.xx.xx.1 - xx.xx.xx.62
xx.xx.xx.65 - xx.xx.xx.126
xx.xx.xx.129 - xx.xx.xx.190
xx.xx.xx.193 - xx.xx.xx.254
However, some routers consider the first and last of these subnets to be
reserved, leaving only two usable subnets. The reason has to do with some
faulty (IMO) reasoning regarding the workings of network broadcast packets
and some other kind of special network-wide packets. The problem arises
when you try to use one of these subnets within one hop of one of these
limited routers - they won't connect.
This was brought to my attention when I worked at a small ISP. We had a T1
connection to the Internet, through a Livingston PortMaster. We had several
ISDN customers (before Livingston offered a PM upgrade for ISDN), two of
which used a 25-bit subnet mask. They connected through different routers,
one an Ascend, the other a Netopia (our customers were required to buy the
routers at both ends of their connections). A third ISDN customer used a
Cisco router (of a design acquired when they bought Combinet). The third
customer couldn't connect to either of the 25-bit subnets, because the
Cisco router refused to accept the correct entries in its routing table.
Cisco assured us that (a) this was true for all their routers and (b) our
other routers were all wrong to permit this.
>> Actually this is a function of a router, not DNS. DNS doesn't know about
>> subnets nor should it. Your router should determine what address space is
>> routed to him, either above or below the 128. Then with DNS you decide what
>> to give him authority over. No authority means no good look ups.
>>
>> Bennie
>
>> >I have a customer with a subnet mask of 255.255.255.128. His current Internic
>> >domain lists a primary NS at xxx.xxx.xxx.130 and it works.
>> >
>> >His QuickDNS data includes addresses both above and below .128. He has
>> >machines currently addressed both above and below xxx.xxx.xxx.128. I
>> >thought that this mask restricted available addresses to either those above
>> >or below 128 (I can't remember which).
>> >
>> >What address range should he be using with his mask? What happens to
>> >addresses within the same class C, but on 'the other side' of the mask?
>> >
>> >-Pat
________________________________
Chris Buxton
Internet and Database Consultant
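
The subnet arithmetic from the message above, as an added example that is not part of the original e-mail. It assumes the documentation range 192.0.2.0/24 in place of xx.xx.xx; the function names are hypothetical, and the "strict router" flag models only the first-and-last-subnet rule as the message describes it.

```python
import ipaddress

def subnet_plan(network, new_prefix):
    """Split a network into equal subnets and list each one's usable host range."""
    net = ipaddress.ip_network(network)
    subnets = list(net.subnets(new_prefix=new_prefix))
    plan = []
    for index, sub in enumerate(subnets):
        plan.append({
            "subnet": str(sub),
            "mask": str(sub.netmask),
            # The network and broadcast addresses are not assignable to hosts.
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "usable_hosts": sub.num_addresses - 2,
            # Rule described in the message: some routers treat the first and
            # last subnet of a group as unusable.
            "accepted_by_strict_router": 0 < index < len(subnets) - 1,
        })
    return plan

def group_hosts_by_subnet(hosts, network, new_prefix):
    """Map each host address to the subnet that contains it under the given mask."""
    subnets = list(ipaddress.ip_network(network).subnets(new_prefix=new_prefix))
    groups = {}
    for host in hosts:
        addr = ipaddress.ip_address(host)
        for sub in subnets:
            if addr in sub:
                groups.setdefault(str(sub), []).append(host)
                break
        else:
            groups.setdefault("outside " + network, []).append(host)
    return groups

if __name__ == "__main__":
    NET = "192.0.2.0/24"  # constructed stand-in for the class-C network
    for prefix in (25, 26):
        for row in subnet_plan(NET, prefix):
            print(prefix, row)
    # Constructed hosts on both sides of .128, as in the original question:
    # more than one key in the result means they are not on the same subnet.
    print(group_hosts_by_subnet(["192.0.2.20", "192.0.2.130"], NET, 25))
```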