Hi Tom,

Thanks for the simplified lesson. What determines whether a switch recognizes a "next hop" IP address or not? I'm still trying to learn here, but just to keep you up-to-date on the actual situation:

I went by Home Depot (the place with the cheapest bulk cat5e cable) yesterday and they were out -- expecting a shipment last night, so adding more cable is a project for next weekend.

In the meantime, I complicated things by

a) replacing the AP with a 2nd Netgear router (same model as the 1st router)

b) putting a 2nd switch next to the 1st router.

The topology (if you thought it was flawed before, wait til you hear this!) is now

DSL -> router1 (10.1.1.1) -> switch1 -> (10.1.1.2) proxy server (10.0.0.1) -> switch1 -> (10.0.0.x) PCs (as before)
|
|____> switch2 -> other campus -> (10.0.0.n) PCs
|
|____> (10.0.0.5) router2 -z-> (10.0.0.n) wireless PCs

This mess actually works, even if it gives me a headache. However, it only works for a couple of hours at a time, then the NICs on the proxy server have to be disabled/enabled for it to start working again. I'm guessing this is because the ARP cache on the proxy server gets overloaded or confused. But it'll keep us limping along until I have some cable.

Speaking of cable, I noticed there's now cat6 cable which appears to be for higher speeds -- is it a better choice than cat5e?

Thanks again!

*Peter Dow* /
Dow Software Services, Inc.
909 793-9050
pdow@xxxxxxxxxxxxxxx <mailto:pdow@xxxxxxxxxxxxxxx> /


Tom Jedrzejewicz wrote:
On Jan 20, 2008 10:14 PM, Peter Dow (ML) <maillist@xxxxxxxxxxxxxxx> wrote:
The 4-port router connects to a 24-port, 1GB switch via a single cable.
LTwo cables go from the switch to the proxy server, one to each NIC
("inside" and "outside").

This is where it gets weird. You are asking the switch to manage
traffic from two different IP subnets. Switches generally don't like
do that unless you program them specifically .. that is the "VLAN"
that I mentioned earlier.

As I understand routers, the only routing that takes place is between
the LAN ports and the WAN port, right? So only traffic headed for the
internet would be routed. Local traffic is switched by the router
between the LAN ports.

IP packets that are not on the same IP subnet as the current device
must be "routed" to the correct subnet.

DRAMATIC SIMPLIFICATION
IP packets have (essentially) a "next hop" IP address and a "final
destination". If the final destination IP is on the same subnet as
the originating device, the final destination is set as the "next
hop". Otherwise the default gateway (or default route) is set as the
next hop. Switches do NOT route; if they recognize the "next hop" IP
address they pass the traffic to it, otherwise they ignore the packet.

Note that the reailty is far more complex, involving MAC addresses and
ARP tables, but in this case the effect is as described.

Since all the PC devices are on the 10.0.0.x
subnet, it should just be switched from one of the router's LAN ports to
another. In the case of internet traffic from a PC device (whose
gateway is 10.0.0.1) that is connected to the router's LAN port, it
should end up at the proxy server's "inside" NIC. Other PC devices are
connected directly to the 1GB switch and don't go through the router.

I think you are expecting too much of a consumer-grade DSL router. It
is NOT a full-blown router; rather it knows about a single "inside"
subnet, and everything else. It can't handle two different internal
subnets.

You MIGHT be able to kludge this problem by giving the DSL router a
bigger inside subnet (10.0.0.1, subnet 255.254.0.0), but it may not
like an address space this large, nor might the switch, and you would
not accomplish your stated objective of isolating the Netgear from the
PCs.

All of these devices work fine.

The two that do not work fine connect to the AP wirelessly, and the AP
in turn is connected to a router LAN port, which seems to me like other
PC devices that are connected to one of the router's LAN ports.

The devices are doing what they should be doing; the topology is flawed.

Take care.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.