Settle a bet! 3

[artbbs]

My friend & I disagree and a simple answer to the following will settle it:

Can an INFINITE number of additional computers be gain access to the internet by chaining routers behind a cable modem (given that the computers on different subnets don't need to see each other)?

For example if you connect a router to a cable modem that creates a class A subnet (providing about 16 million unique IP addresses for computers), can you connect a router at each of those 16 million addresses to create about 16 million more subnets?

 

[gdvissch]

@lhuegele,
I gave you a star for actually trying this
and for finding out that making these "ascii art" pictures is actually harder than it looks!!

I'm glad yu confirmed at least part of the theory. However I remain convinced that using 192.168.1.x under both subRTR1 and subRTR2 can work...

What did actually fail? What dit you tests? Could you ping your default gateways (subRTR2 and 3) mainRTR etc...
Do your subRTR did not have any firewall rules activated that prevent spoofing (i.e. when seeing private traffic on public interface drop the packet etc...)

I'd really like to make this work as I know it should (and I'd love to proove the point)

@lgarner,
gave you a star, as I didn't think about the TTL and you are right, TTL will also limit how deep you can go...
Also, you made me hesitate, with the proposition of alternating subnets (192.168.0.x - 192.168.1.x - 192.168.0.x etc...) I must admit I'm not out of that one yet and in fact, this means that the original poster's betting partner still can hope to win this bet after all

Anyhow for me it was more a phylosophical issue (with a technical background), and actually doing the math with the addresses has given me some new insights...

G.

 

[dearingkr]

Wow, what an interesting discussion.

Although I don't think it would work, one thing I haven't seen mentioned is that all the routers would have to use NAT.

Without NAT you cannot get beyond the 18m addresses for one simple reason: routing table. One of the requirements of the problem is that everything has internet access. Therefore the "main router" has to have a route to every private ip address in order to direct return traffic.

Also, don't forget the loss due to subnetting. A 255.255.255.252 mask leaves only 2 usable ip addresses and 2 ip's you can't use.

Another item, which I believe is mentioned previously, is that every router has a physical limitation on the size of the routing table.


MCSE CCNA CCDA

 

[lhuegele]

Thanks for the star gdvissch, I appreciate it, and yes, the ascii stuff is harder than I remembered.

The main problem as dearingkr and others have mentioned here is routing. The main router did not understand how to route back to machines under the secondary routers. From what I could tell, the requests went out fine, but the responses back failed to route properly.

This thread has actually been swimming around in my head for awhile now, and I'm also not convinced that it's "impossible", so I'm going to try it again with some static routes to see if I can force it to work.

 

[gdvissch]

@lhuegele

I understand the routing issue, that's why my proposition is to use 10.x.x.x and 172.16-32.x.x as routable addresses under the main router. It would be just a convention, any other one would be fine as long as you stick to it. 192.168.x.x can then be used under the second level NAT routers subRTR1 and subRTR2...

(In the scenario where under both subRTR2 and 3 192.168.1.x is used)
I don't see a routing issue in this setup. A packet is leaving from a PC under subRTR1 (let's say 192.168.1.3) with an Internet server as destination.
Whenever the packet traverses subRTR1 it will now have a source IP of 192.168.0.2.
A packet coming from "the same" address (192.168.1.3) under subRTR3 will have a source IP of 192.168.0.3 once NATted. This scenario is identical to two PC's with 192.168.0.2 and 192.168.0.3 talking to PC's on the Internet through NATing router mainRTR.
Now, when packets return from Internet, they are first NATted back by mainRTR. The destination will thus become 192.168.0.2 and 192.168.0.3 respectively. This would designate the correct sub-router which then does the final NAT back to 192.168.1.3 and 192.168.1.3 (based on internal NAT tables, basically based on source/destination ports for finding the original host)

@dearingkr
as explained in the answer to lhuegele I would personnaly stick to 10.x.x and 172.16-32.x.x as new routable addresses under mainRTR. I would setup EIGRP or OSPF or any other routing protocol to make sure routing runs fine in this address space (and totaly independent of the routing in the main public addressable space).
Even under the subRTRs you might end up using some sort of routing protocol, as you still have 255 class C networks there... (depending if you use "subnet zero" or not etc..., and I'm sure a CCNA knows what I'm talking about ;-) In order to make it a little more understandable (not only for me ) I ommited these kind of details in previous posts ...
You are right that the size of routing tables could become enormous. However, they would be a magnitude bigger on the real Internet routers (4,17 billion routable addresses compared to the 18 million we need to route privately...
In fact I once worked for a company specialised in network monitoring and when I first looked at the routing table on an actual ISP "edge router" of a customer, I was amazed to say the least!)
CU
G.

 

[dearingkr]

Yes gdvissch, as long as NAT is used, I don't see why your plan would not work.

Traffic from subRTR1 & subRTR2 would be double-NAT'd (is that a word?), but Ive seen it work.

In fact, following your logic, you could have a sub-subRTR1 re-using 10.x.x.x on it's "lan" side.

It might work...my brain hurts


MCSE CCNA CCDA