Subnetting a class C IP address in to 200 hosts and 50 hosts

Answered Question
Dec 26th, 2007

Hi,

I have a Class C IP address assigned by our ISP.

I need to segregate the networks into 200 hosts on internal lan and 50 hosts on DMZ lan.

Can you let me know, the subnet mask that I need to assign for the internal and DMZ networks

Thanks,

Chandru

Correct Answer by Collin Clark about 9 years 1 month ago

That's correct and to make life easier I would suggest making the DMZ a different network number. For example if you're inside scheme is 192.168.0.0/24, I would make the DMZ 10.1.2.0/24. Keeping a class C subnet (ie not subnetting) will keep everything simple when configuring and troubleshooting.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
csaravanan Wed, 12/26/2007 - 14:16

Thats fine. I went through most of this stuff before.

Could you atlease explain me, what is the maximum hosts I will be getting when I subnet a Class C address.

My understanding is you cant get more than 126 hosts

Please correct me if I am wrong

Thanks,

Chandru

Correct Answer
Collin Clark Wed, 12/26/2007 - 14:20

That's correct and to make life easier I would suggest making the DMZ a different network number. For example if you're inside scheme is 192.168.0.0/24, I would make the DMZ 10.1.2.0/24. Keeping a class C subnet (ie not subnetting) will keep everything simple when configuring and troubleshooting.

csthorne Wed, 12/26/2007 - 15:23

And then you could use private addresses inside and on the dmz then NAT them to a public address if you need to get to a device that traverses the Internet, outside of your network

Paolo Bevilacqua Wed, 12/26/2007 - 15:31

Agree with ceclark, but the case in question is "special" enough so one should spend few more words about it.

1st, is not possible to subnet a /24 in two subnets of 200 and 50. The closest you can get (without too much tinkering), is 4 subnets of 62 each, three of them would go on the same physical LAN (or vlan) with secondary address on the router. Kind of a kludge, but no alternative, excpet the one of giving PC private addresses, thing that after 10 years of NAT usage, there is to say, present no problem for most users.

2nd, if the ISP gives service via ethernet, hir router will normally "believe" that all the address is directly connected there. Normally this is not a problem even if the connected router has mismatching netmask, due to proxy-arp. Or just talk to ISP and configure everything accordingly.

These can be pedantic notes, but I think one (beginner or not) should also consider them.

csaravanan Fri, 12/28/2007 - 11:04

Thanks Everyone for helping me out in this. I will proceed with the NAT route as subnetting for 200 and 50 hosts is not possible in Class C

Actions

This Discussion