DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 4th December 2017
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 123
Default Networking with 6 eth's

Hello,

I have 6 eth ports eth0-5 that i do not want any communication between except with eth0.

Eth0 - dhcp - ext facing nap
Eth1 - 192.168.1.1 255.255.255.0 - 10 host max
Eth2 - 192.168.2.1 255.240.0.0 - 1 host only
Eth3 - 192.168.3.1 255.224.0.0 - 3 host max
Eth4 - 172.16.1.1 255.255.0.0 - 5 host max
Eth5 - 10.0.0.0 255.0.0.0 - 5 host max

I do not want any of the interfaces to be able to communicate with anything other than eth0.

Does my subnetting look ok to do this?

Thanks in advance
Reply With Quote
  #2   (View Single Post)  
Old 4th December 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,220
Default

  1. Are you certain you intended this question for OpenBSD? There is no such thing as an "eth" NIC in this OS.
  2. Your netmasks are not coherent. For example, 192.168.2.1 with a netmask of 255.240.0.0 has an effective range of 192.168.2.1 - 192.175.255.255, well beyond RFC 1918, and overlapping with your 192.168.3.1 subnet. Overlapping or duplicating subnets is not a valid configuration for OpenBSD, except in special cases such as with carp(4) configurations. You have the same problem for the 192.168.3.1 subnet, as it also extends to 192.191.255.255.

    As all your planned subnets will have a maximum of 10 devices connected to them, I recommend using /24 CIDRs (netmasks of 255.255.255.0). /24 CIDR subnets are human readable, human understandable, and will help you prevent inadvertent addressing overlaps.
  3. On OpenBSD, blocking of traffic between networks or subnetworks is accomplished with PF, not with subnetting alone.
Reply With Quote
  #3   (View Single Post)  
Old 4th December 2017
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 123
Default

Thank you so much for the reply. I meant em0 vs eth0

What what ip could I use instead of 192.168.2.0/24 and 192.168.3.0/24?

I will change all my subnets to /24 or 255.255.255.0

Last edited by EverydayDiesel; 4th December 2017 at 07:26 PM.
Reply With Quote
  #4   (View Single Post)  
Old 4th December 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,220
Default

Quote:
Originally Posted by EverydayDiesel View Post
... what ip could I use instead of 192.168.2.0/24 and 192.168.3.0/24?
I don't understand the question. Could you restate it?
Reply With Quote
  #5   (View Single Post)  
Old 5th December 2017
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 123
Default

Thank you for taking the time

Em0 - dhcp - ext facing nap
Em1 - 192.168.1.1 255.255.255.0 - 10 host max
Em2 - 192.168.2.1 255.240.0.0 - 1 host only
Em3 - 192.168.3.1 255.224.0.0 - 3 host max
Em4 - 172.16.1.1 255.255.0.0 - 5 host max
Em5 - 10.0.0.0 255.0.0.0 - 5 host max



Em0 em1 em4 em5 will work

Em2 and em3 will not work right? They have to be separate up addresses I thought. The only private addresses that I know of are 192.168 172.16 and 10.0?

What up addresses should em2 and em3 be changed to so that this will work?
Reply With Quote
  #6   (View Single Post)  
Old 5th December 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,220
Default

First. It seems to me you are confused about how IP subnetting works. If so, I could recommend a book or two, if online tutorials aren't helpful.

Very very briefly, a /24 subnet such as 192.168.1.0/24 contains 256 addresses. 254 of the addresses may be assigned to devices (.1 - .254), while 2 of the addresses are reserved (.0 and .255). If you want to have two /24 subnets in sequence, the next such subnet would be 192.168.2.0, with its 256 addresses, and so on.

While I find CIDR notation much more clear to me than decimal netmask notation, it won't matter to you if you do not understand what these notations mean, and how subnets are addressed.

OpenBSD's hostname.if(5) and ifconfig(8) provisioning tools will accept either notation format for IPv4 addressing.

Second. There are MANY private address ranges. The most common ranges for private IPv4 networks are the RFC 1918 address ranges. There are three ranges in that RFC, which you can subdivide into as many subnets as you wish.

10.0.0.0/8. This is the range 10.0.0.0 - 10.255.255.255, which is 16,777,216 addresses.

172.16.0.0/12. This is the range 172.16.0.0 - 172.31.255.255, which is 1,048,576 addresses.

192.168.0.0/16. This is the range 192.168.0.0 - 192.168.255.255, which is 65,536 addresses.

----

Recommendation: Pick one of these RFC 1918 ranges, and subdivide it into as many /24 subnets as you need. For example, the 10.0.0.0/8 range can be subdivided into 65,536 unique /24 subnets, each with 256 addresses.
Reply With Quote
  #7   (View Single Post)  
Old 5th December 2017
frcc frcc is offline
Don't Worry Be Happy!
 
Join Date: Jul 2011
Location: hot,dry,dusty,rainy,windy,straight winds, tornado,puts the fear of God in you-Texas
Posts: 133
Default

When confused about subnet configuration I like to use sipcalc which is available using
#pkg_add sipcalc

For Instance

sipcalc 192.168.10.1/24
-[ipv4 : 192.168.10.1/24] - 0

[CIDR]
Host address - 192.168.10.1
Host address (decimal) - 3232238081
Host address (hex) - C0A80A01
Network address - 192.168.10.0
Network mask - 255.255.255.0
Network mask (bits) - 24
Network mask (hex) - FFFFFF00
Broadcast address - 192.168.10.255
Cisco wildcard - 0.0.0.255
Addresses in network - 256
Network range - 192.168.10.0 - 192.168.10.255
Usable range - 192.168.10.1 - 192.168.10.254

Last edited by frcc; 5th December 2017 at 11:53 AM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
qemu networking gpatrick OpenBSD Packages and Ports 2 18th December 2011 04:20 AM
networking not working unixjingleman OpenBSD General 15 11th January 2011 04:07 PM
Would BSD be right to learn networking? php111 Off-Topic 17 25th September 2008 07:02 PM
Some networking help kevinz OpenBSD General 8 15th September 2008 03:34 AM
Networking between bsd and mac rex FreeBSD General 7 12th May 2008 07:57 AM


All times are GMT. The time now is 04:31 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick