Access to sub network unreachable.

Rick Stevens ricks at nerd.com
Sat Jan 10 00:56:45 UTC 2009 

Simon Slater wrote:
> On Fri, 2009-01-09 at 11:58 -0800, Rick Stevens wrote:
>> Robin Laing wrote:
>>> Simon Slater wrote:
>>>>     Hi all,
>>>>         I'm sure I have missed something simple (or done something 
>>>> stupid) but
>>>> have no idea what so I'll ask anyhow.
>>>>
>>>>     All the computers on our SOHO network had static addresses in the
>>>> 192.168.0.1-9 range with netmask of 255.255.255.0 and all worked fine
>>>> for ages.  Now I have a Linksys gateway which has a default address of
>>>> 192.168.1.1 for configuration.  It works fine as a DSL router but I
>>>> cannot use a browser to access the configuration.  All I get is "An
>>>> error occurred while loading http://192.168.1.1: Could not connect to
>>>> host."  Pinging returns "Destination Host Unreachable".
>>>>
>>>>     I changed the netmask for the ethx device to 255.255.0.0 but this 
>>>> made
>>>> no difference.  What have I forgotten?
>> Odds are that the router also has a netmask of 255.255.255.0 (or a /24).
>> If that's the case, then it can't talk to your client since your client 
>> isn't on the router's LAN as far as the router is concerned.  Your
>> client can talk to the router with a /16, but the router can't reply to
>> you as it'd try to talk to you over its WAN port.  Options:
>>
>> 1. Change all of your client machines to 192.168.1.xxx with netmasks of
>> 255.255.255.0 (/24) to conform to the router's defaults, or
>>
>> 2. Change the netmask on the router to 255.255.0.0 (/16) and all of the
>> client machines to the same, or
>>
>> 3. Change the IP and netmask of the router to 192.168.0.xxx/24 and leave
>> your clients alone.
>>
>> I'd vote for number 3...it makes your new router look like the old 
>> router.  Remember, though, that if you ever reset your router to the
>> factory defaults, you'll need to change its IP again afterward or
>> you'll be right back here where you started.  :-)
>>
>> How to change it?  On your client:
>>
>> 1. # ifconfig eth0 192.168.1.whatever netmask 255.255.255.0
>> 2. (browse to 192.168.1.1 and change the IP on the router)
>> 3. # ifconfig eth0 192.168.0.whatever netmask 255.255.255.0 (needed
>> because your router is now on 192.168.0.0/24)
>>
> 	Thanks everyone for your replies. I think I know where I went wrong
> now: even though the /24 range covers both 192.168.0 and 192.168.1 they
> are separate network segments and won't talk to each other.

No, the /24 covers EITHER 192.168.0.xxx or 192.168.1.xxx, but not both.
To treat both as a single network you need a /23 netmask.

> 	I need to read more on addressing and netmasks.  Once our half dozen
> boxes were working nicely back in the FC3 days I haven't changed the
> setup since (and probably forgot what little I knew about addressing).

A netmask tells the system how many bits of the network address make up
the NETWORK part.  The remaining bits make up the host identifier.  An 
IPV4 address is 32 bits.  A /24 (or 255.255.255.0) netmask says the 
first 24 bits (the first three octets) make up the network part.  In my
graphic below, the netmask stuff is shown in by "x"s and the bits under
the "x"s make up the network address:

netmask:	xxxxxxxx.xxxxxxxx.xxxxxxxx.-------- (255.255.255.0 /24)
binary addr:	11000000.10101000.00000000.00000001 (192.168.0.1)
binary addr:	11000000.10101000.00000001.00000001 (192.168.1.1)

So you can see that they're separate networks.  Now, with a /23 netmask:

netmask:	xxxxxxxx.xxxxxxxx.xxxxxxx-.-------- (255.255.254.0 /23)
binary addr:	11000000.10101000.00000000.00000001 (192.168.0.1)
binary addr:	11000000.10101000.00000001.00000001 (192.168.1.1)

You can see here that they're the same network now, and you're using 9
bits as the host identifier.

Also note that the netmask must be consecutive 1 bits...the first 0 bit
marks the end of the netmask. 255.255.254.0 is OK (the last octet is
11111110 binary), but 255.255.253.0 isn't (the last octet is 11111101)
and would be treated the same as 255.255.255.252 (a /22 or 11111100).

Does it make sense now?

> 	In the next 3 months I'll be adding another half dozen boxes and allow
> for laptops so will be setting up DHCP. The F10 download has just
> finished, so now I might install that first, then follow your advice to
> setup the gateway, then begin experimenting with DHCP.
> 
> 	Many thanks everyone.

That's what we're here for!
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks at nerd.com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-               500: Internal Fortune Cookie Error                   -
----------------------------------------------------------------------

More information about the fedora-list mailing list