Linux - Networking (LinuxQuestions.org)
This forum is for any issue related to networks or networking. Routing, network cards, OSI, etc. Anything is fair game.
you're free to use anything within 192.168.0.0/16 without problems... if you don't want to "waste" IP addresses you could always use 192.168.0.0/23 (255.255.254.0) and walk off with only 512 addresses, 192.168.0.1 to 192.168.1.254. The whole 4 octet thing has broken down a lot in the last decade... CIDR notation (/24 /23 /16 etc..) is preferred in many places as it's so much simpler and there's no real difference if a subnet ends exactly on an octet boundary or not... do what you want, it's fine.
acid_kewpie is of course correct, but I just wanted to add: CIDR notation was invented to solve IP shortages for the internet. There is no real "benefit" to be gained from using less than the /16 on a private subnet block, unless you intend to create another subnet at some time on the same physical lan. I would go with at least /22 to give you 1024 ips, to leave some breathing room.
And, for anyone who needs massive IP ranges (bad idea), there's always the 16 million IPs in the 10.0.0.0/8 netblock.
Large flat networks have a problem: If you use /16 as a netmask in your router it thinks it is connected to a network of 2^16 machines. In particular it will try to do arp caching for all these 65536 ip addresses. Now you only use 500 or so IPs so that's not really a problem. It will become a problem in the following scenario: Say one of the client computers is infected with a virus that tries to spread. First thing most virii do is just contact every computer in the network they are in. So in such a case you will have a rapid succession of arp requests all of which your router thinks it should be able to resolve. This can easily make the arp cache overflow resulting in a DoS.
You can get around this by increasing the arp cache (defaults to 1024 on most linux distributions) in /proc/sys/net/ipv4/neigh/default/gc_thresh[123]. But a safer solution is to not use /16 but /22 as a netmask as suggested previously.
Edit:
You're right about the ip range of 192.168.0.0/22
I understand the concept of a virus flooding the router (a little linksys box) with ARP requests, but what I don't understand is how _increasing_ the supposed number of computers avoids that.
Also, if I use /22 is my subnet mask 255.255.252.0?
I followed the link, but it will take time for me to figure out what to do with it.
I'm afraid that while I'm getting the basic concepts, technically I'm way out of my depth at this point. But at least now I know how to fit my network into an IP range. Eventually I'll pick up a book on it. Just now however, with only one subnet and no plans for more in the near (2yrs) future, any dedicated book is overkill.
Originally posted by calabash
I understand the concept of a virus flooding the router (a little linksys box) with ARP requests, but what I don't understand is how _increasing_ the supposed number of computers avoids that.
I assumed your router was a linux box. On the linksys thingy you probably don't have an option to tune the size of the arp cache. However, if it supports /16 subnets it should also have a sufficiently large arp cache.
What increasing gc_thresh does is just increase the size of the kernel's arp table. The default values for me are 128, 512 and 1024 for gc_thresh1,2,3 respectively. Meaning the garbage collector process will not run when the table is smaller than 128. 512 is the soft maximum which can be exceeded for five seconds and 1024 is the hard limit which triggers the garbage collector immediately. During an arp flood the garbage collector might not get rid of stale entries fast enough so if you increase the hard limit to the amount of IP addresses in your net you will evade the DoS effect since legitimate arp requests can still be answered.
Quote:
Also, if I use /22 is my subnet mask 255.255.252.0?
Great. I will restructure our network as I deploy our Fedora Core 4 box. I am looking forward to learning more of SAMBA; Linux; routing and fine tuning. This forum has been very supportive, even when there is not a ready answer.
I still haven't made the jump to Linux on my desktop yet. But for servers, I'm sold.
One more thing before you go! If you're ever having problems calculating IP address ranges, definitely look into the ipcalc tool. For instance, it answers your question easily:
That means, after 192.168.0.254, I can add 192.168.1.1 - 192.168.1.254 if my network address is 192.168.0.0 and my netmask is 255.255.254.0, that is 192.168.0.0/23? Right?
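An added example, not posted by anyone in this thread, that reproduces the figures discussed above without ipcalc: the mask and host range for /22 and /23 on 192.168.0.0, whether 192.168.1.1 falls inside 192.168.0.0/23, and gc_thresh values scaled to the block as suggested earlier. The 1:4:8 ratio used for gc_thresh1/2 relative to gc_thresh3 is an assumption taken from the 128/512/1024 defaults quoted in the thread.

```python
# Added example (not from the thread): a minimal CIDR calculator and a helper
# that sizes the ARP-cache thresholds to the block, per the advice above.

def ip_to_int(ip: str) -> int:
    """Dotted-quad string to a 32-bit integer."""
    parts = [int(p) for p in ip.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix: int) -> int:
    """/22 -> 0xFFFFFC00 (255.255.252.0), /23 -> 0xFFFFFE00 (255.255.254.0)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def describe(cidr: str) -> dict:
    """Network, mask, broadcast, usable host range and address counts for a block.
    The network address is normalised, so 192.168.1.7/22 yields 192.168.0.0."""
    addr, prefix_s = cidr.split("/")
    prefix = int(prefix_s)
    mask = prefix_to_mask(prefix)
    network = ip_to_int(addr) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    total = 1 << (32 - prefix)
    usable = max(total - 2, 0)  # minus network and broadcast addresses
    return {
        "network": int_to_ip(network),
        "netmask": int_to_ip(mask),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1) if usable else None,
        "last_host": int_to_ip(broadcast - 1) if usable else None,
        "total": total,
        "usable": usable,
    }

def contains(cidr: str, ip: str) -> bool:
    """True if ip is inside the block, e.g. 192.168.1.1 in 192.168.0.0/23."""
    addr, prefix_s = cidr.split("/")
    mask = prefix_to_mask(int(prefix_s))
    return (ip_to_int(addr) & mask) == (ip_to_int(ip) & mask)

def gc_thresh_for(cidr: str) -> dict:
    """Raise gc_thresh3 (hard limit) to the number of addresses in the block, as
    suggested above; thresh1/2 follow the assumed 1:4:8 ratio of the defaults."""
    hard = max(describe(cidr)["total"], 1024)  # never go below the 1024 default
    return {"gc_thresh1": hard // 8, "gc_thresh2": hard // 2, "gc_thresh3": hard}
```

The returned gc_thresh values map onto net.ipv4.neigh.default.gc_thresh1/2/3, i.e. the files under /proc/sys/net/ipv4/neigh/default/ mentioned earlier.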