- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 02:03 PM - edited 03-03-2019 08:03 PM
Hi,
I have a Class C IP address assigned by our ISP.
I need to segregate the networks into 200 hosts on internal lan and 50 hosts on DMZ lan.
Can you let me know, the subnet mask that I need to assign for the internal and DMZ networks
Thanks,
Chandru
Solved! Go to Solution.
- Labels:
-
Routing Protocols
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 02:20 PM
That's correct and to make life easier I would suggest making the DMZ a different network number. For example if you're inside scheme is 192.168.0.0/24, I would make the DMZ 10.1.2.0/24. Keeping a class C subnet (ie not subnetting) will keep everything simple when configuring and troubleshooting.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 02:12 PM
You'll learn more if you figure it yourself ;-)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 02:16 PM
Thats fine. I went through most of this stuff before.
Could you atlease explain me, what is the maximum hosts I will be getting when I subnet a Class C address.
My understanding is you cant get more than 126 hosts
Please correct me if I am wrong
Thanks,
Chandru
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 02:20 PM
That's correct and to make life easier I would suggest making the DMZ a different network number. For example if you're inside scheme is 192.168.0.0/24, I would make the DMZ 10.1.2.0/24. Keeping a class C subnet (ie not subnetting) will keep everything simple when configuring and troubleshooting.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 03:23 PM
And then you could use private addresses inside and on the dmz then NAT them to a public address if you need to get to a device that traverses the Internet, outside of your network

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2007 03:31 PM
Agree with ceclark, but the case in question is "special" enough so one should spend few more words about it.
1st, is not possible to subnet a /24 in two subnets of 200 and 50. The closest you can get (without too much tinkering), is 4 subnets of 62 each, three of them would go on the same physical LAN (or vlan) with secondary address on the router. Kind of a kludge, but no alternative, excpet the one of giving PC private addresses, thing that after 10 years of NAT usage, there is to say, present no problem for most users.
2nd, if the ISP gives service via ethernet, hir router will normally "believe" that all the address is directly connected there. Normally this is not a problem even if the connected router has mismatching netmask, due to proxy-arp. Or just talk to ISP and configure everything accordingly.
These can be pedantic notes, but I think one (beginner or not) should also consider them.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-28-2007 11:04 AM
Thanks Everyone for helping me out in this. I will proceed with the NAT route as subnetting for 200 and 50 hosts is not possible in Class C
