Questions tagged as ['subnet']

I'm trying to figure out a way to get my networking.service to work properly, so networking service restarts work.

How do I setup those 20 IP'S with 2 different Gateways but only 1 NIC? With 2 NIC's I wouldn't have any problem, but is that possible on 1 NIC?

This is what I get when I try to restart it by using systemctl restart networking.service:

Feb 06 22:37:40 v4033 ifup[1276]: ifup: failed to brin ...

I was setting up ip addresses between two devices and I noticed something odd. I feel like I am missing an important fundamental here:

Context:
Device A: 10.30.0.1/12
Device B: 10.2.0.2/12

if I set up the IP like this, then A and B cannot ping each other

However, if I do
Device A: 10.30.0.1/12
Device B: 10.30.0.2/12
OR
Device A: 10.2.0.1/12
Device B: 10.2.0.2/12

Then A and B can ping each other just fine. ...

Have a server with 4 subnets - 1 usable IP each and each configured on separate network port on the network card. Running 4 docker containers, but they are randomly accessible upon reboot. How to add a static route for each?

container1 - network card port1 - Subnet/IP1
container2 - network card port2 - Subnet/IP2
container3 - network card port3 - Subnet/IP3
container4 - network card port4 - Subnet/ ...

I am in the process to migrate to separate Vlans from a single 10.1.0.0/16 subnet on VLAN1

In the existing /16 subnet is our Cisco Mail Security (ESA).

In a new Vlan Segment for clients (10.101.10.0/24, VLAN6 ) I can do pretty much everything but access the ESA. No ping and also no access via HTTP(s). Other servers and services are fully accessible like from VLAN1

The Cisco support said there is no iss ...

I am using Android to connect to my WireGuard server through the public IP address of the host network. The LAN is using addresses 192.168.0.1-255. I would like the client to connect through the VPN only to addresses with in the LAN and directly access the others. The config is as follows:

[Interface]
PrivateKey = xxx=
Address = 198.18.7.4/32
DNS = 192.168.0.1

[Peer]
PublicKey = xxx=
AllowedIPs = 192.168 ...

I am currently setting up a network and I'm having some pinging issues between computers, how could I fix this ?

Computer A, which is in the main network can ping his own router, and the subnet router, but not Computer B which is inside the subnet.

ping 192.168.98.100 is failing

Computer B, on his side, can ping Computer A.

ping 192.168.99.101 is fine

The main router is a cisco rv160w and the s ...

Our ISP provides a /29 subnet which includes the following IPs:

Network Address: 199.1.1.0
Router/Gateway Address: 199.1.1.1
Usable IP addresses: 199.1.1.2 - 199.1.1.6

I would like each of the 5 public IPs to have their own network (NAT), so for example the 199.1.1.4 public address could have the internal network 192.168.7.0, and public address 199.1.1.5 could have the internal network 192.168. ...

I am trying to create two centos 8 machines with terraform on azure.

My templates github link

When I try to apply, I am getting below error related to policy. Could you please suggest how to fix this?

>     │ Error: creating Subnet: (Name "subnetforAutomation" / Virtual Network Name "vnetforAutomation" / Resource Group "automation_mart"):
> network.SubnetsClient#CreateOrUpdate: Failure sending r ...

I have two PC in local subnet (192.168.0.0). One of them have connected through VPN to another subnet(10.0.0.0).

[192.168.0.0]
| - - PC1
| - - PC2 - - vpn - - [10.0.0.0]
Router -- [Internet]

Is there any way to get access to [10...] subnet for PC1 from local subnet?

I read a bit about IPv6 and found that usually you get assigned a /48 prefix address. Which gives you 16 bit for subnetting.

Reading further assuming that you use /64 subnets you would end up with 65535 possible subnets with a lot of IP-Addresses in each of these.

My question is, how you deal with scenarios where 65535 Subnets are not sufficient. I mean you have to consider, that even small subnets  ...

we have a requirement where we need to create a floating Ip and it should be moved across the GCP Compute Instances. In this case we need to add the route under the route table of the VPC(asia-south1) with the floating IP entry(2600:1f18:1802:4b04:b8f7:9c39:4458:1a05).

Note: IPV6 is supported for the region that we have used.

Please refer to below error when we tried adding the route: Error:

Creating  ...

In Ubuntu I am trying to create a docker network with a specified subnet when on VPN but I get the below error:

$ docker network create my-network --subnet 172.17.24.0/18
Error response from daemon: Pool overlaps with other one on this address space

Looking at the route table:

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0  ...

As we can see in the picture above, I can select as many subnets as I want. Does it mean, the tasks in the service are created across these two subnets?

Suppose I have one task running, in which subnet will it run then? If there are multiple tasks in the service, how are they distributed between these subnets? Is it something handled by Fargate and we shouldn't worry about?

What if I select a publ ...

I've got a network on ip range 192.168.0.X. It has a router with an internal IP on this range that lets it talk to the outside world.

If I create a new network on ip range 192.168.1.X. How can I get this network to see the first network on a different IP range and more specifically the router on the original range.

The computers are windows and linux based.

in ipv4 cidr notation you can have an ip address like 10.10.20.0/24

it's expanded to

network  : 10.10.20.0
first ip : 10.10.20.1
last ip  : 10.10.20.254
broadcast: 10.10.20.255
netmask  : 255.255.255.0

That means I have a usable ip range from 10.10.20.1-.254 on this subnet.

would 10.10.20.0 be the default gateway for this subnet?

is there a way to move a host virtually to a different network based on its mac-address? Example: Imagine a firewall with a LAN (let's say 192.168.1.0/24) and a DMZ (e.g. 172.1.1.0/24) interface. Assume there is a host that can only be connected to the DMZ-network due to the physical wiring in the building but is supposed to be in the LAN-subnet (and have LAN-security policies applied to it). Something  ...

I have a PetaLinux machine (Embedded Linux on a Xilinx Zynq device, debian fork, kernel 4.19). If the two NICs are on different subnets, then I can disconnect one NIC, and the other will continue working. But if they are on the same subnet, then disconnecting eth0 will render both unreachable. (Disconnecting eth1 is fine.) Also, if the addresses are acquired by DHCP, then disconnecting the plug for eth0 i ...

Given the following network:

                     +-- endpoint 1
                     |
internet -- server --+-- endpoint 2
                     |
                     +-- endpoint 3

where the endpoints are on subnet 192.168.1.0/24 and they route their traffic through the server.

For this, we require a NAT rule on the server for the interface connected to the internet:

iptables -t nat -A POSTROUT ...

I want to expose an EC2 service behind ALB, the flow looks like

User -> Route53(Domain) -> ALB -> EC2

Which subnet should the EC2 exist? The private or the public? And in this case, does an EIP necessary?

I have a pfSense firewall/router that is exposing some services to my public ip.

This is working fine, as long as the service is on the primary LAN subnet (192.168.1.0/24), let's call it LAN-A.

E.g. this works:

public_ip:443 -> pfSense (NAT) -> 192.168.1.20:5443 (reverse proxy)

I additionally have a second LAN 192.168.88.0/24, let's call it LAN-B, that is behind a Mikrotik router on 192.168.1 ...

I have a Fedora 34 linux and it has a physical ethernet interface (NIC3), a physical wifi interface (NIC2) and an USB/Ethernet interface (NIC1) (USB LTE Dongle). I would like to use the NIC3 to route all traffic to NIC1. And I would like to keep the NIC2 as management interface that reach the Linux machine. That is all. block scheme of the plan - click here to see the image

    Destination     Gateway     ...

I have ec2 Instance in private subnet, and I want to install packages in the private server. How to install packages in private ec2 instance without using NAT?

Say we have network addresses 10.10.10.252/30 and 10.10.255.252/30 and 10.255.255.252/30. They all have CIDR of 30.

I realize all three subnets have two usable hosts.

All three addresses have subnet mask 255.255.255.252 but different number of possible subnets. 10.255.255.252/30 has 30-8=22 bits reserved for subnets (class A). 10.10.255.252/30 has 30-16=14 bits reserved for subnets (class B). 10.10 ...

This is the ifconfig:

utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1340
    options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
    inet 172.16.4.2 --> 172.16.4.2 netmask 0xffffffff
    inet6 fe80::aede:48ff:fe00:1122%utun2 prefixlen 64 scopeid 0x11
    inet6 fc00:af6d:6058:7873:9685:4033:8217:541 prefixlen 64
    nd6 options=201<PERFORMNUD,DAD>

routing  ...

This is the ifconfig:

utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1340
    options=6403<RXCSUM,TXCSUM,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
    inet 172.16.4.2 --> 172.16.4.2 netmask 0xffffffff
    inet6 fe80::aede:48ff:fe00:1122%utun2 prefixlen 64 scopeid 0x11
    inet6 fc00:af6d:6058:7873:9685:4033:8217:541 prefixlen 64
    nd6 options=201<PERFORMNUD,DAD>

I know i ...

I got a scaleway.com server (DEV1-S) which offers me a /64 IPv6 subnet. I want to use an IP from this subnet to make a HTTP request (will use wget in the examples) but I can't get it to work. The request (with wget but also with other programs & programming languages) will hang.

The IPv6 adress is 2001:bc8:1830:1b18::1, the gateway is 2001:bc8:1830:1b18:: and the netmask is 64.

Running ip -6 addr

I have 2 instances in AWS. One of them in a public subnet (bastion), the second one in a private subnet.

Both of them were launched with the same key pair (.pem file).

This is how I connect to the bastion:

ssh -i secret.pem ec2-user@public-ip

Works great, I am in.

Now, I want to ssh the instance in a private subnet. Googling says that I should forward the agent:

ssh -A ubuntu@private-ip

But unfortuna ...

• I have an EC2 Postgres Database (not standard AWS RDS, but based on my own configured AMI)
• I have a load balancer, auto scaling group with 4 max servers in each AZ (us-west-2)
• My load balancer is attached with 4 public subnets (each in 1 AZ)
• My EC2 ASG which handles application servers allows instances to be created in any of the 4 private subnets (each in 1 AZ)
• I have done all the necessary setup (NA ...

I'm subnetting the small network of our business for management and security reasons. Prior to this I had:

• 172.16.1.0/24

And now I want this:

• 172.16.1.0/24 -> corporate LAN
• 172.17.0.0/24 -> management of servers
• 172.17.1.0/24 -> hosting - managed services
• 172.17.2.0/24 -> game servers hosting
• 172.17.127.0/24 -> storage resources
• 172.17.128.0/20 -> hosting - servers (VPS, apps, etc ...

I am trying to understand networks better and to help me learn I am working on a home project where I want to setup two networks, let's call them Client and Server, on the same geographic location. (Both networks get Internet from one single WAN, since I was not able to acquire multiple IPs from my ISP.) The two networks should be separated from each other, meaning I want to prevent malware or other thr ...