[NTLUG:Discuss] Broadcast IP address
Ralph Green
sirable at gmail.com
Mon Nov 12 12:28:03 CST 2012
On 11/10/12, Eric Schnoebelen <eric at cirr.com> wrote:
>
> Ralph Green writes:
> - Howdy,
> - I have a network I want to expand a bit with as little impact on the
> - users as possible. All LAN addresses are currently in the 192.168.4.x
> - range. I am adding a new VPN server and I am thinking of using
> - 192.168.5.1 for its address. It looks like I need to adjust the
> - netmask on machines in the original LAN from 255.255.255.0 to
> - 255.255.254.0. If I do that on a test machine, I can reach it from
> - the 192.168.5.x machines. I see the broadcast address has changed
> - from 192.168.4.255 to 192.168.5.255. If I make the netmask change on
> - the servers, including the DHCP server, will clients be able to renew
> - their leases?
>
> Most DHCP servers/clients try to renew their leases with a
> directed request to the DHCP server they received their lease
> from.
Good. So, I changed the dhcp server config and the netmask on that machine
first thing. Ill finish my OpenVPN config and start testing it later
today. I sounds
like users should not notice anything. The thing I am waiting fr a
bit is to see if the netmask will update on the clients when the
leases renew or whether I will need to restart the clients.
>
> - I am thinking they will broadcast on 192.168.4.255 to
> - get a renewal and they won't find a response.
>
> No, see above. They will broadcast to 255.255.255.255 when they
> request an initial lease though.
Great, no concern here after all.
>
> - What would be a good way to resolve this?
>
> I don't think it's an issue with the supernetting.
>
> - The only thing I can think of offhand, is maybe
> - to add a new machine temporarily at 192.168.4.255 and forward packets
> - to 192.168.5.255, but I think that might be a bad IP address for a
> - machine on the network.
> - Do you have any suggestions,
>
> Why not route between the LAN (local workstation) and VPN
> subnets?
>
> Otherwise, it sounds like a proxy-arp storm waiting to happen.
We have a couple of servers that every user talks to all day long.
Except fo me doing maintenance on users machines, the users never talk
to each other's computers. They just all talk to the servers. I just
needed the new IP address range to be able to bring up the new OpenVPN
server in a way that would not interfeere with anything until I got
all remote users migrated to it. I orignally setup the new VPN server
in the new IP address range and it seemed that it would not talk to
the servers. I figured out a little later that it really could talk
to the servers, but they just could not answer back because they could
not route packets to the new range. Changing the server netmask to
255.255.254.0 has solved that. I don't see how I would get a proxy
arp storm. I will have to go read more about that. I am not doubting
your concern over hat. I just dont understand it.
More information about the Discuss
mailing list