I have 2 questions:
1) The first and primary question is:
I work in an organization (let's say one LAN)
and all the users can access the internet. So when several users come to me and say that they cannot connect to the internet, how do I start checking what's wrong? Is it a different procedure when the problem is only with one user? And by the way, how can an organization access the internet? I mean, what enables it in the router/switch configuration?
2) I know subnetting, but I always asked myself why you need a subnet mask. I mean, it's not something that you cannot change or surpass, so what is the main reason for having a subnet mask?
Thanks in advance!
If it is supposedly a single LAN and only 1 or 2 are having problems, then it is probably not the network but a user problem. If it's a user problem, then it is some setting on the PC itself. You can't know subnetting without knowing what the subnet mask is. Nothing enables it in a router; internet access is simply a point-to-point link to an internet service provider, separated from your corporate network by a firewall/NAT setup of some type to keep unwanted people out of your network. The mask determines where your subnet boundary is and how many usable host addresses are in each subnet. You can say a /24 subnet mask, which is 254 addresses, or you can divide that up into smaller chunks where you can have multiple smaller subnets of, say, 128 or 64 or 32 or 16 etc., depending on how many addresses you need in each subnet. If you have a point-to-point link you don't want to waste a whole /24 on it; you would use a /30 instead. If you really want to learn it, go to learntosubnet.com. Free online course.
I know everything you said about the subnets. My question is: why do you need to divide the addresses into smaller chunks? Why can't you just use /24? (Assume that I don't have the problem of being short of IP addresses...)
If you don't have to conserve addresses then there is no reason you can't use a /24 for a subnet. If you have a finite range of addresses, you then allocate only the ones you need, say for a point-to-point link. If conservation isn't a problem then use a /24.
OK, here are some reasons why you might not want to use /24 all the time.
First of all, ask yourself why use /24, why not e.g. /16? The answer to that question tells you a lot.
What happens if you have a need for 400 IP addresses? A /24 mask would not be the answer. A /16 mask would do the job, but is a little overkill, don't you think?
Second, /24 gives you 254 addresses to play with, but what if you only need e.g. 2 between 2 routers?
What if you have 30 networks just for connecting 30 routers in different places, e.g. if you have 30 remote offices? Or partners?
That would roughly be the equivalent of one /24 network if you use a /29 mask, or thirty /24 networks. I know what I prefer to keep track of, i.e. less than 256 addresses or 7680 addresses. To me the choice is simple.
Maybe you just have 1 unit that you want to separate from the rest for some reason.
The reason why I do not want to use more addresses than I need is simple.
It's wasteful to use much more than you need and could cause problems in the future.
E.g. I get 32 networks for my routers out of your /24 network (if I use HSRP and so on).
2) Network uptime
A big network has a higher sensitivity towards errors in broadcast traffic and STP problems, and more overhead traffic. If one can chunk it down into several smaller ones, you can get more speed and packet throughput out of your network as well as stability.
One technician putting one cable in the wrong hole doesn't sink the whole network, just a part of it; the rest is still up.
There are several reasons why you would not want to use more IP addresses than you need. One is to find out if and/or where someone is hiding out in the vast space of IP addresses you use. The smaller the space, the smaller and quicker the search to find the culprit.
It's easier to document every IP address in 5 192.168.199/29 networks than 5 192.168.X/24 networks, just due to the sheer IP volume.
So yes, you are right, it's possible to use only a /24 mask and it would work, but it is not optimal.
Just some thoughts on the subject.
Sorry, I forgot all about Q1 when I wrote my last statement.
First of all, knowledge is everything!
This is how it might be to check for problems.
If 1 user cannot reach the internet then it can be one of many things.
Check that the user has the possibility to reach the router/firewall.
Check if the user has DNS working.
If several users cannot reach the internet but some can:
Check that the ones who cannot, can reach the router/firewall.
If they cannot and have the right IP address, check if you can reach them.
If you cannot reach them:
Check that you can reach all your switches.
If you cannot reach your switches, locate and exchange the one that is faulty.
If the users who cannot reach the internet can reach the routers:
Check the default gateway and that DNS works.
This might be an example of a simple checklist.
How can an organisation access the internet?
Learn it and master it.
For much needed security add Firewalls and NAT/PAT.
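The "right IP address" and "default gateway" steps of the checklist above can be checked from the settings alone before anyone starts pinging; the following is an added example, not part of the original post. The LAN 192.168.10.0/24, the sample PC settings and the problem codes are all constructed for illustration.

```python
import ipaddress

# Range Windows and other systems self-assign from when DHCP gets no answer.
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")

def check_client(ip, mask, gateway, lan):
    """Return a list of problem codes for one client's IP settings.

    `lan` is the subnet the client is supposed to be on, e.g. "192.168.10.0/24".
    """
    problems = []
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    expected = ipaddress.ip_network(lan)

    if iface.ip in LINK_LOCAL:
        problems.append("no-dhcp-lease")
    elif iface.ip not in expected:
        problems.append("ip-outside-lan")
    elif iface.network != expected:
        problems.append("wrong-mask")

    if not gateway:
        problems.append("no-gateway")
    elif ipaddress.ip_address(gateway) not in iface.network:
        # With this IP and mask the client treats the gateway as off-link
        # and has no route to it, so nothing leaves the LAN.
        problems.append("gateway-off-link")
    return problems

# Constructed sample settings, as they might be read off four user PCs.
SAMPLES = {
    "pc-ok":        ("192.168.10.57", "255.255.255.0",   "192.168.10.1"),
    "pc-bad-mask":  ("192.168.10.57", "255.255.255.240", "192.168.10.1"),
    "pc-no-dhcp":   ("169.254.23.7",  "255.255.0.0",     None),
    "pc-wrong-net": ("192.168.20.57", "255.255.255.0",   "192.168.10.1"),
}

def triage(lan="192.168.10.0/24"):
    """Run check_client over every sample and map PC name -> problem codes."""
    return {name: check_client(*cfg, lan) for name, cfg in SAMPLES.items()}

if __name__ == "__main__":
    for name, problems in triage().items():
        print(f"{name:13} {', '.join(problems) or 'settings look consistent'}")
```

A PC that passes this check but still cannot get out is where the reachability steps (router/firewall, switches, DNS) take over.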
Assuming you have 220.127.116.11 / 24, and you need 2 subnets with 10 hosts each.
If you're ABSOLUTELY sure that each subnet will not grow a lot, you can use subnets of (16 - 2) hosts. However, if you think that the subnets might grow quite a bit, you can use subnets of (32 - 2) hosts. So on and so on.
1. (16-2) hosts
Subnet 1: 18.104.22.168 - 22.214.171.124
Subnet mask: 255.255.255.240
Usable IP addresses: 126.96.36.199 - 188.8.131.52
Subnet 2: 184.108.40.206 - 220.127.116.11
Subnet mask: 255.255.255.240
Usable IP addresses: 18.104.22.168 - 22.214.171.124
2. (32-2) hosts
Subnet 1: 126.96.36.199 - 188.8.131.52
Subnet mask: 255.255.255.224
Usable IP addresses: 184.108.40.206 - 220.127.116.11
Subnet 2: 18.104.22.168 - 22.214.171.124
Subnet mask: 255.255.255.224
Usable IP addresses: 126.96.36.199 - 188.8.131.52
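The sizing choices discussed in this thread (two subnets of 10 hosts with or without room to grow, a point-to-point link, 400 hosts, thirty router links as /29 versus /24) can be worked through with Python's `ipaddress` module; this is an added example, not code from any of the posts. The block 192.0.2.0/24 is a constructed sample from the documentation range, and the function names are hypothetical.

```python
import ipaddress
from itertools import islice

def smallest_prefix(hosts_needed):
    """Longest IPv4 prefix whose subnet still has hosts_needed usable addresses."""
    for prefix in range(30, -1, -1):
        if 2 ** (32 - prefix) - 2 >= hosts_needed:   # minus network and broadcast
            return prefix
    raise ValueError("no IPv4 subnet is large enough")

def plan(block, hosts_needed, count):
    """Carve `count` equal subnets for hosts_needed hosts each out of `block`."""
    net = ipaddress.ip_network(block)
    prefix = smallest_prefix(hosts_needed)
    if prefix < net.prefixlen:
        raise ValueError(f"{block} cannot hold a /{prefix}")
    subnets = list(islice(net.subnets(new_prefix=prefix), count))
    if len(subnets) < count:
        raise ValueError(f"{block} only holds {len(subnets)} /{prefix} subnets")
    return [{
        "subnet": str(sub),
        "mask": str(sub.netmask),
        "first_host": str(sub.network_address + 1),
        "last_host": str(sub.broadcast_address - 1),
        "usable": sub.num_addresses - 2,
    } for sub in subnets]

def addresses_consumed(prefix, links):
    """Total addresses tied up when each of `links` networks gets its own /prefix."""
    return links * 2 ** (32 - prefix)

if __name__ == "__main__":
    BLOCK = "192.0.2.0/24"    # constructed sample block
    for hosts in (10, 30):    # 10 hosts today, or room to grow to 30
        for row in plan(BLOCK, hosts, 2):
            print(row)
    # Prefix for a point-to-point link (2 hosts) and for 400 hosts.
    print(smallest_prefix(2), smallest_prefix(400))
    # Thirty router links as /29 networks versus thirty /24 networks.
    print(addresses_consumed(29, 30), addresses_consumed(24, 30))
```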