0

I have two /16 networks which I want to divide : 10.84.0.0/16 and 10.94.0.0/16. I divided the first one in 4 equal subnets /18. But for the second I want a quarter of it in the first subnet, and all other IPs in a second subnet :

10.94.0.0/18  => 16382 IPs
10.94.64.0 ?? => all the remaining 49152 IPs

Is it possible ?

EDIT: to clarify, I have servers with databases. Each server has a primary IP address on interface eth0. Then on each servers I have several databases, each listening on there own IP address. I want to filter so that only secured workstations in a specific VLAN can access the main servers IP's (eth0) on port 22, and only applications in some VLANs can access databases IP's on DB ports (like 5432, 3306, 1521, etc.). So I have X IPs for servers, and a few times X IPs for databases. It's not a quarter, probably more like 5 to 10 databases per server. I could not find a solution by dividing a network, but I wondered if it was possible.

Jean Coiron
  • 103
  • 3
  • Unfortunately, education, certification, or homework questions are off-topic here. There's plenty of learning sites on the Internet. This one isn't one of them. In real world we don't use such large networks. But you may be interested in this answer: https://networkengineering.stackexchange.com/a/7117/16930 – JFL May 03 '18 at 09:42
  • 1
    Because addressing and subnetting is in binary, networks must be a power of two, so you can halve or double. Three quarters of something cannot be a power of two, so you cannot have a network that is 3/4 of another network. – Ron Maupin May 03 '18 at 14:01

1 Answers1

0

Short answer: no, this is not possible from subnetting perspective. You can do /18, /18 and /17. /18 and "all the rest" is not possible.

Long answer: depending on your topology and goals it may be possible to use /18 and /16 range at the same time. E. g. you create one space as 10.94.0.0/18, and the second one as 10.94.0.0/16. Make sure that you actually allocate to 10.94.0.0/16 starting from 10.94.64.0. This way if packet comes to 10.94.0.0 - 10.94.63.255, it will be routed to 10.94.0.0/18 because this route is more specific. If packet comes to 10.94.64.0 - 10.94.255.255, it will be routed to 10.94.0.0/16. As long as real allocations (hosts, nested subnets, etc.) don't overlap, this will work just fine.

ar_
  • 1,133
  • 1
  • 6
  • 14
  • Thank you @ar_ , I couldn't find a mask to do it, I suspected it wasn't possible. Your solution seems interesting, I'll talk with our network engineer about it. – Jean Coiron May 03 '18 at 11:47
  • The issue with this solution is that unless you enable proxy-arp (generally speaking a bad idea), the hosts in the /16 will not be able to reach the hosts in the /18 as they will believe them to be on the local network and not use any gateway for the traffic. – YLearn May 03 '18 at 16:36
  • Which can be solved without proxy arp... if there's ever a need to solve. Generally in such cases aggregators are being used. But this, as I mentioned, depends on the topology. – ar_ May 03 '18 at 18:10