Network structure

[Haden]

I'm going to chop L2 network into several parts, but I can't avoid following situation: (pic), hosts Ax would reach world in two hops using default gw 4.254 and 3.0 in one (which I find ok), but Bx, if using gw 3.254, would get redirections to use gw 3.253 if accessing 4.0 not 3.254 - which doesn't seem right.
Could you comment on such structure problems and how one would do it right?

 

[subflava]

but Bx, if using gw 3.254, would get redirections to use gw 3.253 if accessing 4.0 not 3.254 - which doesn't seem right.

Why doesn't this seem right to you? This is a textbook situation of when ICMP redirects are sent by a router. According to Cisco, redirects are sent when all of the following conditions are met:

Cisco routers send ICMP redirects when all of the following conditions are met:

* The interface on which the packet comes into the router is the same interface on which the packet gets routed out.
* The subnet or network of the source IP address is the same subnet or network of the next-hop IP address of the routed packet.
* The datagram is not source-routed.
* The kernel is configured to send redirects. (By default, Cisco routers send ICMP redirects. The interface subcommand no ip redirects can be used to disable ICMP redirects.)

Your scenerio meets all of the above conditions. In summary, when a host in your BX network with a default gateway of 192.168.3.254 tries reach the 192.168.4.0/24 network, it will send the packet to it's default gateway. Since the router on the left side of your picture is closer to the destination, an ICMP redirect will be sent by the 192.168.3.254 router.

 

[Haden]

So having icmp redirects isn't considered as flawed network design?
Such situations seem to be all over the place in my drawings (cabling is already in place), which made me worry (I don't have much experience here).

 

[Cscutch]

What type of epuipment are you using?

 

[Haden]

Originally posted by: Cscutch
What type of epuipment are you using?

Not sure yet, but probably Linux boxes as routers.
Switches are dumb/unmanaged.

 

[Cscutch]

A more normal setup would be something like this:

Network Desgin 1

It is simple and you let the router do the routing how it is suppose to.

Chris.

 

[Haden]

Subnets are physically one behind other (currently network is a long chain which spans ~1km), this wouldn't be practical to do.

 

[Cscutch]

Can You please explain in more detailed how the network is setup, like how each router is connected to each other and how the segments are connected to the network.

 

[Haden]

Currently it's switched only network, here is typical situation, if switch to be replaced with router R1, C subnet will get redirects if reaching A/B
Connecting R1 directly to central router (skipping C) would be problematic

 

[Cscutch]

Upgrade

So this is exactly what you are planing on doing and the problem has been highlighted aswell.

There are a few options which I will work out: And Post in a few.

Chris

 

[Cscutch]

Here is my take on the whole network design.

I don't know close to enough information on your entire network. Such as needs of users location of equipment or even why there originally a cascading switch network setup.

But here are some options:


Option 1) Your Design.

What you have will work and depending on the bandwidth needs of all users there shouldn't be a problem. With just replacing the one switch with a router will break up the broadcast domain into multiple ports eliminating some traffic across the network.

There is the problem of having redirected traffic on Subnet C to contend with. But there is a larger problem if one of your switches fail in subnet C the entire network will suffer lack of External access.

Option 2) Moving Of Demarc.

Demarc Location

This option will only consist of getting the telco (ISP) to move the demarc location. This could be expensive but not expensive as an entire redesign of the network. It will allow for a more central location of the core. This option could also not be available due to the restraints on geographical settings of equipment. I don't know enough about your setup to make that determination.

Option 3) Network Redesign.

This would be the ultimate recommendation because currently how your network is setup it has limited scalability and upgrade options. This can be done over time but would be expensive.

 

[Haden]

Cscutch, thank you for suggestions. I'll probably stick to redirects for now

 

[Cscutch]

No Problem, if you would like a more detailed suggestions please feel free.

 

[spidey07]

Originally posted by: Haden
Cscutch, thank you for suggestions. I'll probably stick to redirects for now

It will work, but its a little inefficient and may be hard to troubleshoot. I generally won't rely on redirects for routing.

Anyway you can put another ethernet card on the inside or outside router? That would clean up the routing and keep with good design practices of hosts only having one default gateway and avoid any static routes on the hosts themselves.

 

[Haden]

Anyway you can put another ethernet card on the inside or outside router?

Could you please explain?

 

[spidey07]

Originally posted by: Haden

Anyway you can put another ethernet card on the inside or outside router?

Could you please explain?

Routers can have numerous differnet "routing interfaces" on them. So normally if you want to route between more than two different networks, you have another routed interface. If your using SOHO routers then you probably can't. but if it is some kind of modular router that can accept other cards/interfaces then you could.

I guess the question really is "what are you trying to accomplish?"

 

[Cscutch]

His problem is that he has a cascading switch network to span 400m to get to the external network and subnet C is that section.

There is a way I havn't though of before, You can place a static routes on all the machines in Subnet C to point to All the other subnets. It would be an adminstrative hassle thou.

Chris.

 

[spidey07]

Originally posted by: Cscutch
His problem is that he has a cascading switch network to span 400m to get to the external network and subnet C is that section.

There is a way I havn't though of before, You can place a static routes on all the machines in Subnet C to point to All the other subnets. It would be an adminstrative hassle thou.

Chris.

that's exactly what I was trying to avoid. static routes on hosts IMHO are just asking for trouble.

 

[Cscutch]

You can always set it up like this:

Network Topology

It will alow you to use the same wiring, but break it up more. You will use the two switches in the box as basic repeaters. You will add a third router in that section. This could be a viable solution with minimal costs involved.

It will still have some concerns such as equipment failure, but I think that should work.

Chris.

 

[Haden]

I guess the question really is "what are you trying to accomplish?"

I have this situation:
full network sketch would look like this.
A/B/C... are stacks of switches spanning 400-1000m (like these).
{lines in green are connections which could be made (distance isn't big), but don't exists now}.
B1 is filtering bridge, not router. Total host count is ~200.

I'm trying to chop it and add redundancy, the redirection problem was first I've stumbled on.