Hi.

I have a private network which actually is a 192.168.0.0/24. I decided to subnet the private 192.168.0.0/16 addresses using 3 bits, so I'll end up with:
192.168.0.0/19
192.168.32.0/19
192.168.64.0/19
192.168.96.0/19
192.168.128.0/19
192.168.160.0/19
192.168.192.0/19
192.168.224.0/19

The question now is: what should I put into /etc/networks and /etc/netmasks? Is it sufficient to just put 192.168 into /etc/networks and 255.255.224.0 into /etc/netmasks?

Thank you guys,
Enrico.

This is all handled by routers. The /etc/networks and /etc/netmasks files are very data, and almost never used. Do you see a need for them?

See man 5 networks netmasks

Thank you Mr. C.

I don't see much use to them but I was following the official Solaris documentation and I had this doubt because it seemed a mandatory configuration.

By the way, speaking about routers, I suppose I should reconfigure the router from 192.168.0.1/24 to 192.168.0.1/19, right?

And the last question is about reconfiguring the Solaris DHCP server. I already have a macro for the network 192.168.0.0 and now I'm thinking about how to partition IP numbers in order to give, for example, an IP number in a specific subnet to a predefined subset of clients. If I'm not misled, the only way to do this kind of things (with just one DHCP server) would be filtering by MAC address (which doesn't seem a clever solution to me...) Maybe I should isolate the specific subset of clients so that they could see only one of several DHCP servers, and in this case I would need a certain number of additional routers. Any other ideas? I don't know how this kind of things is handled in the real world.

Thank you for your help,
Enrico.

Right, you'll want to configure your perimeter router to place all packets destined for your 192.168.0.1/19 on the wire. What other routers downstream do after that is their business. No if you only have one router, then you really aren't subnetting, and just have a single /19 address space.

To assign static IPs via DHCP (static leases), you need to create an assignment on the DHCP server per-MAC/IP pair. This is a good solution when you want permanent IP addresses for things like printers, and want the advantage of DNS and other IP settings to be automatic. No need generally to do this for random clients.

If you've subnetted, your DHCP server, depending upon its location, may be able to provide the correct IP ranges for each subnet. Create the proper network clauses in the DHCP server.

Thank you Mr. C.

Yes, nowadays I just have one router. The reason I wanted to subnet is that I must establish a VPN tunnel with a SOHO WatchGuard router with another office. Only a subset of the machines should be able to see the other network, so I thought about using a /19 address space and, for example, configure the trusted network of the WatchGuard as, for example, 192.168.96.x/19. Clients with IP in 192.168.{0,32,64,128,160,192,224} then should not be able to connect to the VPN. Even if I'm not really subnetting because I just have one router (the ISP router...), it should be sufficient for this to work, at least it's what I'm hoping.

I'll check the documentation another time, thanks. In this network I just have 1 DHCP server, which is connected via a switch to the other machines and to the router, I haven't other locations to put it.

Thanks again,
Enrico

Or you can use vlans.

Thanks for all the information you provided, Mr. C.

Can you please elaborate your quoted statement? I've been reading Solaris 10 documentation but, surely because of my lack of knowledge, I found no hint about such a configuration.

Thanks again,
Enrico.

Sure. A sub-netted network generally implies internal router's are used, one per (sub-)network, to divide a larger network address space. If the DHCP server is running on the routing station, it can listen on all interfaces and provide configuration information for those networks by using the appropriate subnet statements within the DHCP configuration file.

If the DHCP server is not on the routing station, it can still provide configuration information to any of the networks, but requires a DHCP relay to do so (DHCP broadcasts, like all broadcast packets, do not cross routers).

Thank you Mr. C.

With your information I indeed identified the documentation I needed.

Bye,
Enrico