Assigning a /29 subnet: Works but is this the correct way?

N

Nikole

Well-Known Member
Jun 3, 2013
41
0
46
Hi all,


I have a /29 subnet from the DC and I have assigned it to a bridge using the very last IP of the range (= the broadcast IP).
Without knowing much about networking I see from other posts that I am supposed to assign a USABLE address of the range (i.e not the last of the whole range).
As it is now it works, but is this the correct way or I will have problems which I can't foresee?

My subnet is:

58.47.218.64/29
Mask 255.255.255.248
Broadcast 58.47.218.71
(IPs are not actual)

The vmbr that I have created is:

--
auto vmbr2
iface vmbr2 inet static
address 58.47.218.71
netmask 255.255.255.248
bridge_ports none
bridge_stp off
bridge_fd 0
--

Now from that range the usable IPs should be x.x.x.65 to x.x.x.70 but I am using x.x.x.71 for the bridge.
Will this be ok?

Thank you,
Nikole
 
Nikole said:
Hi all,


I have a /29 subnet from the DC and I have assigned it to a bridge using the very last IP of the range (= the broadcast IP).
Without knowing much about networking I see from other posts that I am supposed to assign a USABLE address of the range (i.e not the last of the whole range).
As it is now it works, but is this the correct way or I will have problems which I can't foresee?
Click to expand...
Hi Nikole,
no that's not ok!
It's works because the traffic to the broadcast address go to all host - and the pve-node answer.
E.G. if you do high traffic to the pve-node, all other network devices receive a lot of broadcast (which arn't real broadcast).

Udo
 
udo said:
Hi Nikole,
no that's not ok!
It's works because the traffic to the broadcast address go to all host - and the pve-node answer.
E.G. if you do high traffic to the pve-node, all other network devices receive a lot of broadcast (which arn't real broadcast).

Udo
Click to expand...

Hi Udo!

OK... I am learning! :)
So basically this means that if I use the Broadcast IP I am creating unnecessary traffic to all hosts of the subnet....(if I have it right). This is definitely not OK!


So now I have to use one of the 6 usable IPs for the bridge, which means one IP lost.
Considering that I want to have Pfsense to manage traffic from that subnet, this means that I have to waste one MORE ip (for Pfsense)....which brings the rest "available" IPs to 4. :/
Is there a workaround in order to not waste 2 IPs for bridge and Pfsense? One would be "nice".....
 
Nikole said:
...
Is there a workaround in order to not waste 2 IPs for bridge and Pfsense? One would be "nice".....
Click to expand...
Hi,
you can use iptables for that - put the pfsense-box on an internal bridge within a private network and forward all traffic, which you don't need for pve to this IP.
But if you do something wrong it's easy to close out yourself ;)

See here about the ports: http://pve.proxmox.com/wiki/Ports

But if you want to use tcp-22 (ssh) for pve and pfsense you can't do that (but you can use another port for one of them, like 2222 -> pfsense-22).

Udo
 
Nikole said:
OK... I am learning! :)
So basically this means that if I use the Broadcast IP I am creating unnecessary traffic to all hosts of the subnet....(if I have it right). This is definitely not OK!
Click to expand...

If you are learning common networking configurations, I think that adding to that matter also pve learning itself (so adding its network virtualization layer, too) could not help you to easily understand, if you are going to try & see what happens.

A basic knowledge of common tcp/ip concepts could greatly help you; if you don't have other docs ore references, you can use this Microsoft free pdf, that although specific to windows systems, has most of tcp/ip concepts and details well explained.

http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=8781#overview

I am reading it too, to fill the many gaps I still have...

Marco
 
You must log in or register to reply here.
Top Bottom