Thanks Tom! I've been feeling pretty clueless over this thing for over a week now.

Near as I can tell, the Netgear router actually just acts as a switch for traffic on the same subnet on its LAN ports. That is, traffic coming in from the other campus via the fiber optic-to-ethernet just gets sent by the router over to the 1GB switch and then to the proxy server which forwards stuff out its 10.1.1.2 NIC back to the router which sends it to the internet.

The 1GB switch has no separate uplink port, just 24 ports. One cable from the switch goes to the router; all the other cables from the switch go to various PCs in the office, and two of them go to different NICs in the proxy server. I've been counting on the subnets to keep the traffic separate, and it seems to work except through the AP. In fact, recalling that there is one cable from the router to the AP -- if I replace the AP with a PC, that PC connects just fine, i.e. it can participate in the LAN and get to the internet via the proxy server.

So I guess my major lack of knowledge is in what exactly the AP is doing. Everything else I think I understand. If the AP would simply act like a wireless switch and pass its traffic to the router as if the devices were directly connected to the router, they would work. But it's doing something to the traffic and I don't know what.

*Peter Dow*
Dow Software Services, Inc.
909 793-9050
pdow@xxxxxxxxxxxxxxx

qsrvbas@xxxxxxxxxxxx wrote:
Peter Dow (ML) wrote:

First, I'm no networking expert either. I probably have no good answer. I've been watching to see if anyone else has an answer; but since none has arrived in my inbox, I'll kick off a discussion.

DSL modem connects to Netgear router which has a static IP address of 10.1.1.1. Three of the NG router's 4 LAN ports are connected to a 1GB switch, a Netgear wireless access point (static IP address of 10.0.0.5), and a fiber optic transceiver that connects to another campus. The proxy server PC has two network interface cards (NICs), both connected to the 1GB switch. The proxy server NICs have static IP addresses of 10.1.1.2 and 10.0.0.1. PCs on the LAN specify the proxy server (10.0.0.1) as their gateway, DNS server and proxy server.

Description _seems_ to match your diagram below.

DSL modem --> Netgear router (10.1.1.1) --> switch --> (10.1.1.2) proxy server
| | | |____________________| (10.0.0.1)
| | |
| | |_________ PCs (10.0.0.n)
| |
| |__________Netgear wireless access point (10.0.0.5)
|
|_________> FDDI -> FDDI -> hub -> PCs (10.0.0.n)
|
|
|_____Airport wireless repeater


Airport wireless repeater --> switch --> PCs (10.0.0.n)

The diagram _seems_ to have come through okay.

I hope that comes through. The intent is to isolate the initial Netgear router on its own subnet (10.1.1.n) so all the PCs have to go through the proxy server to get to it.

Here's where I get lost.

I don't exactly see how the parts that you say are working work. My first thought is that few of the parts should be able to connect with others.

I am confused by the subnetting.

I had started to get an understanding of how things work, but your assertion makes me want to toss what I thought I knew out.

Part of my understanding has been based in the supposed standard that 10.x.x.x addresses are /non-routable/. That's supposed to be fundamental and is supposed to be why such addresses can be reused by each of us in our own local networks.

But you're asserting that you have a router in a 10.1.x.x subnet that successfully routes addresses in 10.0.x.x subnets.

I'd rethink things if I were setting this up.

I'm waiting harder now for someone that can clear it up -- why there are working subnets in this.

Everything works fine except the Netgear wireless access point. PCs that connect via this device are unable to see anything on the LAN, including the proxy server.

If I attach the Netgear AP to the same 1GB switch the proxy server is connected to, it works fine.

The switch I can /kind of/ accept. I don't really know what switches actually do as far as choosing what port a packet should go out. I've kind of assumed that they simply send all packets out the uplink port whenever they don't match the addresses that have made themselves known at initial connection time (or however things make their presence known to switches.)

But I would expect the router simply to discard such packets if they're from a non-routable address.

Wish I could give an authoritative answer instead of adding more questions. I like this kind of thread starting here. It's such a great area where we can learn stuff without broadcasting to the world how limited our (my) knowledge is.

Tom Liotta



This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
