Getting subnets to talk to eachother

DiCe! · 2 Oct 2014 at 15:24

Hi guys,

I have an issue and I am hoping someone can help.

We have set up a network with a range of 172.20.1.1-250
The router is at 250
Almost all of the devices on the network are static IP's

We were then asked to add 150 extra devices onto this network, and didnt have enough addresses in the xxx.xx.1.xxx range.
So I created another VLAN? 172.20.2.xxx

Devices on that vlan/subnet can see the router but I cant get anything on 172.20.1.xxx to talk to 172.20.2.xxx

Does anyone have any idea why?! If I have explained this badly, sorry, networking is not my forte but have been asked to do this and am almost certain I wont get any help from others so....need to make it work.

If you need anyother info etc I will provide.

Many thanks!!

skyripper · 2 Oct 2014 at 15:35

So.. You have two subnets now 172.20.1.x and 172.20.2.x
This tells us your Subnet Mask is something like 255.255.255.0
Thats the first thing to confrm.
You can check this on the router, or on one of the original client machines by looking in the TCPIP properties.

A VLAN, is a way of separating a network switch, which isn't really what you need in this case. Was the 'VLAN' created on the router or configured in the network switch?

skyripper · 2 Oct 2014 at 15:37

The other question is how big is your network?

Is the Router just for talking to the internet, or do you have multiple sites/locations?

jfish · 2 Oct 2014 at 16:00

when you say "Devices on that vlan/subnet can see the router"

I assume you can ping the router - what IP addresses do you ping to each subnet to confirm you can see the router.

I may be daft but this would be simple case of adding static routes to pass traffic between the 2 networks on the router/switch.

bremen1874 · 2 Oct 2014 at 16:04

Isn't just a matter of using a less restrictive mask to create a single larger address pool? 172.20.n.n is an old Class B so 65534 possible addresses.

skyripper · 2 Oct 2014 at 16:08

yep. thats the simplest solution, as long as that router isnt used to talk to other sites/locations. if all it does is talk to the internet - that should do it.

Although 250 machines with static IPs and mask settings will take a while to fix

bremen1874 · 2 Oct 2014 at 16:13

skyripper said:
Although 250 machines with static IPs and mask settings will take a while to fix

I'd consider that a self inflicted injury!

It's quite possible that the masking is already less restrictive than a /24. Why would anyone use 172.20.n.n otherwise? It may just be matter of extending the range on the DHCP server.

It's probably just the VLAN stopping them talking.

leigh_boy · 2 Oct 2014 at 16:19

change the subnet to 255.255.250.0
allowing more ips

so that allows 172.20.1.x
and 172.20.2.x and they can all talk but you will have to change the sub net on everything

skyripper · 2 Oct 2014 at 16:27

250 is 11111010 in binary, meaning that subnet mask is a bit mental.
248 or 252 would work.

meandu229 · 2 Oct 2014 at 16:29

skyripper said:
250 is 11111010 in binary, meaning that subnet mask is a bit mental.
248 or 252 would work.

I never quite understood subnets until this post. Now its just clicked.

skyripper · 2 Oct 2014 at 16:33

Its how I learned TCPIP (many) years ago.

Turn the Subnet mask into Binary.
Turn the IP into Binary.
Stick one under the other.

Any parts of the IP address under a 1 in the subnet mask are a router problem.
Any parts of the IP address under a 0 in the subnet mask are a local problem.

Windows Calculator in Programmer mode will do the binary / decimal rubbish for you.

leigh_boy · 2 Oct 2014 at 16:35

meandu229 said:
I never quite understood subnets until this post. Now its just clicked.

its more complicated then that.

the 1's are host side the 0's are sub net side.
then you have to do some maths using 2n -2

so i doubt you understand it from 1 post with some binary

oh and you have 256 bits - the bits from the sub net .. and some more maths that i cant be bothered to explain

skyripper · 2 Oct 2014 at 16:48

An IPv4 address is 32 bits plus a subnet mask. That can be written as another 32 bits, or it can be just a value like /24. Which means, 24 bits long.

So, 192.168.0.1/255.255.255.0 is the same as 192.168.0.1/24.
I seem to remember some patterns of bits are reserved for Broadcast and Multicast addressing, so can't be given out to hosts.

I've no idea how IPv6 works.

GDL · 2 Oct 2014 at 22:06

meandu229 said:
I never quite understood subnets until this post. Now its just clicked.

If you want a quick way of doing it.

Hosts: Total number of Hosts bits minus the slash notation = 2^Answer - 2

Subnets: Total number of subnet bits before the block your using - the slash notation 2^<Answer>
NOTE: Larger number first.

Caged · 3 Oct 2014 at 01:58

You get subnets to talk to each other using a router. If the router you are using has an interface in each subnet then unless it firewalls by default you should have no issues getting traffic to travel between the two.

Armageus · 3 Oct 2014 at 07:23

Caged said:
You get subnets to talk to each other using a router. If the router you are using has an interface in each subnet then unless it firewalls by default you should have no issues getting traffic to travel between the two.

that assumes he has a router or layer 3 switch that can actually do the routing i.e. not most home routers.

in this instance the simplist option is to change the subnet mask.

DiCe! · 3 Oct 2014 at 09:13

skyripper said:
So.. You have two subnets now 172.20.1.x and 172.20.2.x
This tells us your Subnet Mask is something like 255.255.255.0
Thats the first thing to confrm.
You can check this on the router, or on one of the original client machines by looking in the TCPIP properties.

A VLAN, is a way of separating a network switch, which isn't really what you need in this case. Was the 'VLAN' created on the router or configured in the network switch?

That is correct, it is created in the router.

skyripper said:
The other question is how big is your network?

Is the Router just for talking to the internet, or do you have multiple sites/locations?

Nothing is going external it is just for internal equipment to talk to each other.

skyripper said:
250 is 11111010 in binary, meaning that subnet mask is a bit mental.
248 or 252 would work.

I did try 250 and 252 but had no such luck.

It isnt a home style router it is a quite powerful one called a ruckus, http://www.ruckuswireless.com/

I am thinking more and more they have a setting somewhere in it to stop things talking between subnets.

Armageus · 3 Oct 2014 at 09:46

DiCe! said:
That is correct, it is created in the router.

...

I am thinking more and more they have a setting somewhere in it to stop things talking between subnets.

Not used a Rukus before, but on our drayteks at work in order to get them to route between subnets you set them up as you would vlans

e.g.
Subnet 1 - 172.20.1.x, VLAN1
Subnet 2 - 172.20.2.x, VLAN2

assign the router 2 gateway addresses 1 for each VLAN, and enable both VLANs (and/or intervlan routing) on the LAN port (Assuming the router only has 1 lan port).

On your client machines you leave the subnet masks as 255.255.255.0, but make sure the gateways point to the correct gateways on the router, depending on which subnet they are in.

You shouldn't need to do anything else with VLANs other than on the router.

leigh_boy · 3 Oct 2014 at 10:07

you might have a firewall that is only allows 1 range. you might need to add it or change its subnet.
no physical hardware is needed.

leigh_boy · 3 Oct 2014 at 10:08

i wouldnt use vlans, as they are more for segragation e.g

phones on vlan 9
pc's on vlan 8
the 2 cant talk to each other.