Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Two different networks on the one line?

  1. #1
    penguin_to_bits
    Guest

    Default Two different networks on the one line?

    Imagine you have four machines, you set them up as follows:

    Machine 0: 192.168.1.1/24
    Machine 1: 192.168.1.2/24
    Machine 2: 10.0.0.1/8
    Machine 3: 10.0.0.2/8

    (You don't specify a default gateway for any of them)

    You then get a four-port hub and hook them all up to it. With a normal routing table, the first two laptops will be able to communicate with each other, and the second two laptops will be able to communicate with each other, but you won't be able to communicate with a laptop on the other network. If you try to ping the wrong laptop, you'll get "network unreachable".

    So firstly, I'd like to ask if anyone's ever seen two different network subnets on the same collision domain? If so, why do they put two networks on the one cable? To save them needing two cables? Also, if Laptop 0 wanted to communicate with Laptop 3, would they simply add the following route:

    route add -net 10.0.0.0 netmask 255.0.0.0 wlan0

    Here's the reason I ask: I was on a network today that didn't have a DHCP server, so I opened up Wireshark to see what IP addresses the traffic had. I filtered for ARP requests and found that there were request for machines in the range 10.1.2.0/24, but also for machines in the range 192.168.1.0/24.

    Have any of you ever come across a wireless network that had two different subnets on it? If so, why do they do this? If people went to the bother of making two different networks then I'd imagine they'd put a router between them rather than putting them on the same line?

  2. #2
    Senior Member
    Join Date
    Feb 2008
    Posts
    681

    Default

    That's a difficult one. Probably why no-one's answered yet. I have no idea but hopefully other people will have some suggestions
    [FONT=Courier New][SIZE=2][FONT=Courier New]hehe...
    [/FONT][/SIZE][/FONT]

  3. #3
    Member
    Join Date
    Jun 2006
    Posts
    107

    Default

    Well,

    I think what you tried to simulate wont work, as you were using a hub. And adding the route you mentioned, I think wont work also, as you will get an error stating that the gateway is different than the network you are routing to.

    This scenario can happen, when using vlans, as you have a single switch, however you divided it into two vlans (for security reasons; as an example to seperate the HR department than other departments), each vlan has its specified network subnet, and both subnets can't communicate with each other, unless you used the vlan 802.1dotQ trunking protocol, as I remember.

    Regards

  4. #4
    penguin_to_bits
    Guest

    Default

    I probably should have simplified my original post further. Basically, I'm on a wireless network and I can see traffic for two different networks. Sometimes you might see 10.1.2.7 send a packet to 10.1.2.5, and a few seconds later you might see 192.168.1.9 send a packet to 192.168.1.3. I'm just wondering what kind of setup this is?

    The explanation I presented in my original post was just to show that it is possible to make two machines communicate on Layer 2 even if they've a different subnet. For instance, let's say we have:

    Machine 1:
    IP address: 192.168.1.5
    Routing table:
    Code:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
    127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
    Machine 2:
    IP address: 10.1.2.7
    Routing table:
    Code:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    10.1.2.7        0.0.0.0         255.255.255.0   U     0      0        0 wlan0
    127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
    If, on the former machine, you do the following:

    route add -net 10.1.2.0 netmask 255.255.255.0 wlan0

    then you'll be able to send out frames to machines on that network just as if they were on your own network. You can test it with a single computer... if you add the new route, then ping it, Wireshark will show ARP requests to the other network. Anyway, I thought that maybe this was how the network in question was working, but I've yet to see any communication between the two networks.

    So basically I'm left with a wireless access point that's carrying two networks... hmm... has anyone seen the like?

  5. #5
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    A wireless AP (or router) works like a hub on the wireless side, in that everything is in the same collision domain. They typically function at Layer 2. However, it shouldn't go beyond the AP on the wired side of the device.
    Thorn
    Stop the TSA now! Boycott the airlines.

  6. #6
    Member
    Join Date
    Jun 2006
    Posts
    107

    Default

    If, on the former machine, you do the following:

    route add -net 10.1.2.0 netmask 255.255.255.0 wlan0
    Well, I have tried this on a windows box, my ip is on 172.16.16.X subnet, and I want to add a route to 10.16.16.X subnet, as I said before, I expect receiving an error for adding this to the route table, the error I receive is:
    Code:
    the gateway does not lie on the same network as the interface. Check the IP Address Table for the machine.
    So, are you sure you can add a route as you said ?

  7. #7
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    dd-wrt can do vlans. So can the Cisco gear. Maybe that's what you're seeing.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  8. #8
    Member
    Join Date
    Jun 2006
    Posts
    107

    Default

    dd-wrt can do vlans. So can the Cisco gear. Maybe that's what you're seeing.
    You are right, as I remember the Cisco Aironet AP can provide up to 16 VLANS

  9. #9
    penguin_to_bits
    Guest

    Default

    Quote Originally Posted by l1nuxant_ee View Post
    So, are you sure you can add a route as you said ?
    I'm running Backtrack 3 beta without any modifications, and the following works for me:

    ifconfig eth0 down
    ifconfig eth0 172.16.16.9 netmask 255.255.255.0
    route add -net 10.16.16.0 netmask 255.255.255.0 eth0

    It works with all my NIC's, both wired and wireless. When I open up Wireshark and try to ping 10.16.16.7, I see the ARP requests.

    If you were to have multiple networks running on the same Ethernet cable, you could make them communicate with each other without the need for a router. Admittedly I don't see much point in it, but it works.

  10. #10
    penguin_to_bits
    Guest

    Default

    Here's the latest. . .

    I'm on an Access Point. The access point has an IP address so that it can be configured via HTTP. I open up the AP's configuration page in a web browser and I see that there are only two wireless devices associated. One of these devices is me, and the other is a workstation that has a bizzillion ports open.

    IP address of Access Point: 10.1.2.99
    IP address of Workstation: 10.1.2.12
    My IP address: 10.1.2.88 (there's no DHCP, I had to set it myself)

    The AP is only an AP, it's not an AP-Router combo.

    Running up Wireshark, I see traffic from public IP addresses, but they all come from the same MAC address, meaning that they're coming from a router. So I get the IP address of the router, and it's 10.1.2.1. So far the network consists of:

    Router: 10.1.2.1
    Access Point: 10.1.2.99
    Workstation (via the access point): 10.1.2.12
    Me (via the access point): 10.1.2.88

    Now when I open up Wireshark, I filter out all traffic from the router's MAC address, meaning that I should only see traffic with destination IP's and source IP's in the range 10.1.2.x... but the thing is I'm also seeing traffic from two other networks:

    192.168.1/24
    192.168.2/24

    Devices in these IP ranges are sending ARP requests and things like NetBios to each other. Next thing I tried to do was change my IP address to one of these ranges, for instance:

    ifconfig wlan0 192.168.1.77 netmask 255.255.255.0

    And the I try to ping 192.168.1.1. In Wireshark, I see my ARP requests go out... but they're completely ignored by the other devices! When I run netdiscover for these IP ranges they come up with nothing (unless the devices happen to send out ARP requests of their own accord)

    So to summarise:
    * I can see traffic for three different networks
    * Only one of the networks will talk back to me; the others ignore me

    Snooping around with Wireshark some more, I've found that 192.168.1.1 is a router that goes out to the internet.

    Still tryna make sense of it.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •