If you have setup your own network, make sure you have enough IP
addresses available for all your shit.

Just hit my limit (50 initially) and have spent nearly an hour trailling
and tailing logs until I found the error in my piHole logs - "No IP
address available".

I suspect this is related to my adding another smart plug to the network
that I hadn't yet setup a static IP for - it's nicked a couple of
addresses (24 leases) in the meantime.

It does explain why I was getting an error trying to setup a new smart
plug yesterday .... that would have been tomorrows task.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/06/2025 14:32, Jethro_uk wrote:

If you have setup your own network, make sure you have enough IP
addresses available for all your shit.

Just hit my limit (50 initially) and have spent nearly an hour trailling
and tailing logs until I found the error in my piHole logs - "No IP
address available".

I suspect this is related to my adding another smart plug to the network
that I hadn't yet setup a static IP for - it's nicked a couple of
addresses (24 leases) in the meantime.

It does explain why I was getting an error trying to setup a new smart
plug yesterday .... that would have been tomorrows task.

It's scary how quickly you can use up all your address leases. Most
routers only hand out Class C private addresses in which you have one
byte to record the unique part of the IP address. This means you can
have a maximum of 252 devices: you need one address (often 192.168.x.1
or 192.168.x.254) to address the router itself. The 0 and 255 addresses
are "spoken for" as part of the addressing scheme - I think 255 is for broadcasts and I forget what 0 is used for.

I wonder if any routers can be set to Class B addresses in which two
bytes (a total of 64K, minus a few for broadcasts) are used to identify
the devices on the network.

I've just checked my router and I've got a scope of 192.168.1.2-250,
with the router on .1

I have configured the DHCP on my router to reserve addresses for my PCs, Raspberry Pis and phones/tablets so each of those always gets the same
address. Internet-of-Things devices such as Kasa smart plugs, Hive and
Philips Hue hubs and so on get random addresses. Oh, and my printer has
a reserved address as well, because computers need to address it by IP
rather than using a name-to-IP translation service such as NetBIOS.


The bigger problem that we've had is not running out of IP addresses but running out of Philips Hue bulbs that can be addressed by one Hue hub.
Our house has a lot of GU10 bulbs in various rooms (it was like that
when we bought it), so that's a lot of bulbs to be addressed. We were
starting to get slow or unpredictable effects once we got close to the
limit of 64 bulbs. Then Philips enhanced their app so it would access
more than one Hue hub, and we allocated different rooms to two different
hubs. It was slightly tedious to switch the app between hubs depending
on which rooms/bulbs we wanted to control, and there was a really
annoying restriction that only one of the hubs could be accessed from
outside our LAN (eg if we were away on holiday and wanted to turn lights
on or off remotely).

But in the last few weeks the app has been upgraded again (at last!) to
allow the bulbs on several hubs to be merged into one "virtual hub" and
the whole of this virtual hub can be controlled from outside the LAN.
Job done - at last! It was getting to the stage where I imagine it was impacting sales of Hue bulbs because who would buy more than 64 if only
64 could be controlled from outside the house if there was a need to do so?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/06/2025 17:52, NY wrote:

On 22/06/2025 14:32, Jethro_uk wrote:

If you have setup your own network, make sure you have enough IP
addresses available for all your shit.

Just hit my limit (50 initially) and have spent nearly an hour trailling
and tailing logs until I found the error in my piHole logs - "No IP
address available".

I suspect this is related to my adding another smart plug to the network
that I hadn't yet setup a static IP for - it's nicked a couple of
addresses (24 leases) in the meantime.

It does explain why I was getting an error trying to setup a new smart
plug yesterday .... that would have been tomorrows task.

It's scary how quickly you can use up all your address leases. Most
routers only hand out Class C private addresses in which you have one
byte to record the unique part of the IP address. This means you can
have a maximum of 252 devices: you need one address (often 192.168.x.1
or 192.168.x.254) to address the router itself. The 0 and 255 addresses
are "spoken for" as part of the addressing scheme - I think 255 is for broadcasts and I forget what 0 is used for.

I wonder if any routers can be set to Class B addresses in which two
bytes (a total of 64K, minus a few for broadcasts) are used to identify
the devices on the network.

I've just checked my router and I've got a scope of 192.168.1.2-250,
with the router on .1

I have configured the DHCP on my router to reserve addresses for my PCs, Raspberry Pis and phones/tablets so each of those always gets the same address. Internet-of-Things devices such as Kasa smart plugs, Hive and Philips Hue hubs and so on get random addresses. Oh, and my printer has
a reserved address as well, because computers need to address it by IP
rather than using a name-to-IP translation service such as NetBIOS.

The bigger problem that we've had is not running out of IP addresses but running out of Philips Hue bulbs that can be addressed by one Hue hub.
Our house has a lot of GU10 bulbs in various rooms (it was like that
when we bought it), so that's a lot of bulbs to be addressed. We were starting to get slow or unpredictable effects once we got close to the
limit of 64 bulbs. Then Philips enhanced their app so it would access
more than one Hue hub, and we allocated different rooms to two different hubs. It was slightly tedious to switch the app between hubs depending
on which rooms/bulbs we wanted to control, and there was a really
annoying restriction that only one of the hubs could be accessed from
outside our LAN (eg if we were away on holiday and wanted to turn lights
on or off remotely).

But in the last few weeks the app has been upgraded again (at last!) to
allow the bulbs on several hubs to be merged into one "virtual hub" and
the whole of this virtual hub can be controlled from outside the LAN.
Job done - at last! It was getting to the stage where I imagine it was impacting sales of Hue bulbs because who would buy more than 64 if only
64 could be controlled from outside the house if there was a need to do so?

one thing that can be done is install a Smoothwall or IPCop with 4 NICs.
One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254
and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN.

Stephen.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

SH <i.love@spam.com> wrote:

one thing that can be done is install a Smoothwall or IPCop with 4 NICs.
One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254
and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN.

You don't need multiple NICs, a router that supports VLANs and a 'smart'
switch with VLAN support (TP-Link, £25) is enough. Flashing your router with OpenWRT or DD-WRT is a way to get VLAN support.

Theo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 6/22/25 19:13, Theo wrote:

SH <i.love@spam.com> wrote:

one thing that can be done is install a Smoothwall or IPCop with 4 NICs.
One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254
and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile
phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN.

You don't need multiple NICs, a router that supports VLANs and a 'smart' switch with VLAN support (TP-Link, £25) is enough. Flashing your router with OpenWRT or DD-WRT is a way to get VLAN support.

Surely, you can't run a VLAN without VLAN switches. I don't think any of
my switches support VLAN tags.

What is the problem with having multiple subnets: 192.168.0.x,
192.168.1.x etc.

I assumed I could set my LAN subnet up to 16 bits, instead of 8. Or alternatively, have multiple 8 bit subnets, with appropriate routing
rules between them, if any were required.

I've never tried because I only have about 10 smart plugs. ARP is only
showing about 25 current devices.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on LANs
1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/06/2025 17:52, NY wrote:

On 22/06/2025 14:32, Jethro_uk wrote:

If you have setup your own network, make sure you have enough IP
addresses available for all your shit.

Just hit my limit (50 initially) and have spent nearly an hour trailling
and tailing logs until I found the error in my piHole logs - "No IP
address available".

I suspect this is related to my adding another smart plug to the network
that I hadn't yet setup a static IP for - it's nicked a couple of
addresses (24 leases) in the meantime.

It does explain why I was getting an error trying to setup a new smart
plug yesterday .... that would have been tomorrows task.

It's scary how quickly you can use up all your address leases. Most
routers only hand out Class C private addresses in which you have one
byte to record the unique part of the IP address. This means you can
have a maximum of 252 devices: you need one address (often 192.168.x.1
or 192.168.x.254) to address the router itself. The 0 and 255 addresses
are "spoken for" as part of the addressing scheme - I think 255 is for broadcasts and I forget what 0 is used for.

I wonder if any routers can be set to Class B addresses in which two
bytes (a total of 64K, minus a few for broadcasts) are used to identify
the devices on the network.

I do currently run a class C network, but as the addresses are managed
by my home server and not my router, I could easily upgrade to class B.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on LANs
1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

I had to stop using my Draytek, as when we switched ISPs, their router
could not be switched to modem mode and I did not want the problems of
double NAT.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on LANs
1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

Mine will allow anything I damn well choose. Class C with a netmask
spanning 512 addresses would be my easiest choice, or set up a class B


--
"It is an established fact to 97% confidence limits that left wing
conspirators see right wing conspiracies everywhere"

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 00:13, SteveW wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

I had to stop using my Draytek, as when we switched ISPs, their router
could not be switched to modem mode and I did not want the problems of
double NAT.

I am surprised. Mine worked perfectly

--
The New Left are the people they warned you about.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/06/2025 19:59, Pancho wrote:

On 6/22/25 19:13, Theo wrote:

SH <i.love@spam.com> wrote:

one thing that can be done is install a Smoothwall or IPCop with 4 NICs. >>> One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254 >>> and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile >>> phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN.

You don't need multiple NICs, a router that supports VLANs and a 'smart'
switch with VLAN support (TP-Link, £25) is enough. Flashing your
router with
OpenWRT or DD-WRT is a way to get VLAN support.

Surely, you can't run a VLAN without VLAN switches. I don't think any of
my switches support VLAN tags.

What is the problem with having multiple subnets: 192.168.0.x,
192.168.1.x etc.

I assumed I could set my LAN subnet up to 16 bits, instead of 8. Or alternatively, have multiple 8 bit subnets, with appropriate routing
rules between them, if any were required.

I am pretty sure my router will allow me to use any damned IP
addresses I want on my own LAN.

And subnet masks.

On a private LAN the only reason to use the 192.168.x.x is because its guaranteed not to clash with anything on the real internet


You could pick a class A network like 10.x.x.x.
Or a class B between 172.16.x.x and 172.31.x.x
Or use the netmask 255.255.255.1 and use 192.168.0 and 192.168.1

Or have two LANS served by the router and route between them.

Although that is a lot more complicated

I've never tried because I only have about 10 smart plugs. ARP is only showing about 25 current devices.

Indeed. Devices - despite Occam's Razor - do seem to multiply beyond necessity.


--
Religion is regarded by the common people as true, by the wise as
foolish, and by the rulers as useful.

(Seneca the Younger, 65 AD)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 23 Jun 2025 08:37:24 +0100, The Natural Philosopher wrote:

Indeed. Devices - despite Occam's Razor - do seem to multiply beyond necessity.

Temperature sensors x 7
Curtain motors x 4
Lights x 8

Switched plugs x 5
Thermostat
My PCs and server x 5
Phones x 4
iPads x 2
TV
TiVo
BluRay
Mesh Network x 3
SmartMeter
Robovac
Google Nest x 3
Booster routers x 2


to be getting on with. And some of those need 2 ...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 6/23/25 08:40, The Natural Philosopher wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

Mine will allow anything I damn well choose. Class C with a netmask
spanning 512 addresses would be my easiest choice, or set up a class B

He means he can't connect his Draytech direct to the ISP connection.

He needs some kind of ONT/Modem/Handshaking protocol to manage the
connection to the ISP. It is this ISP device that insists on introducing
a NAT layer. The Draytech has to be connected behind the ISP device NAT.
If the Draytech isn't controlling a NAT layer, it doesn't serve much
purpose.

VirginMedia used to work like that for a bit, when they introduced the Superhub, but they quickly introduced a firmware update to allow it to
run in modem only mode.

I'd be interested to know what ISP has this restriction.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Pancho <Pancho.Jones@protonmail.com> wrote:

On 6/22/25 19:13, Theo wrote:

SH <i.love@spam.com> wrote:

one thing that can be done is install a Smoothwall or IPCop with 4 NICs. >> One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254 >> and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile >> phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN.

You don't need multiple NICs, a router that supports VLANs and a 'smart' switch with VLAN support (TP-Link, £25) is enough. Flashing your router with
OpenWRT or DD-WRT is a way to get VLAN support.

Surely, you can't run a VLAN without VLAN switches. I don't think any of
my switches support VLAN tags.

You can pass VLAN tagged frames through a non-VLAN switch, but if you want
to split off the VLANs to different switch ports you need a switch that
knows about VLANs. One of these will do it:

https://www.amazon.co.uk/TP-Link-Snooping-Monitoring-Interface-TL-SG608E/dp/B0BVRK6L2V

What is the problem with having multiple subnets: 192.168.0.x,
192.168.1.x etc.

You can't typically run multiple subnets on the same interface. If the
router allows you can have one bigger subnet though, ie 192.168.0.0/23.

(technically you can, but it's messy)

I assumed I could set my LAN subnet up to 16 bits, instead of 8. Or alternatively, have multiple 8 bit subnets, with appropriate routing
rules between them, if any were required.

If your router allows you to set up multiple subnets and map them to its different ports then that might work. Most routers have a 5-port
VLAN-tagged switch internally with the LAN and WAN ports being the 5 ports
on the switch (no hardware difference between LAN and WAN side). Usually
VLANs are used to link LAN1-4 as one network and WAN as another network, but there's no reason you can't assign LAN1 to a VLAN of your creation and LAN2
to a different VLAN, etc.

That assumes your router allows that - OpenWRT does, I can't speak for other routers.

I've never tried because I only have about 10 smart plugs. ARP is only showing about 25 current devices.

Another reason you might do it is to have different firewall rules - eg I
have a VLAN with no internet connectivity so printers can't phone home and download firmware updates that block using aftermarket cartridges.

Theo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 08:41, The Natural Philosopher wrote:

On 23/06/2025 00:13, SteveW wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

I had to stop using my Draytek, as when we switched ISPs, their router
could not be switched to modem mode and I did not want the problems of
double NAT.

I am surprised. Mine worked perfectly

What sort of problems can be caused by double NAT? When we first got
Linksys Velop mesh nodes, I set them up the way that Linksys wanted,
using one of the Velops as the DHCP server for the home network,
connected to my ISP's router by Ethernet. The network had 10.x.y.z
addresses and the ISP's router used 192.168.1.x addresses (though only
one was used, that of the Velop primary node). Thus there were two
levels of network address translation: 10.x.y.z to 192.168.1.x and
192.168.1.x to the router's WAN address.

This worked fine. I even managed to set up port forwarding to allow WAN
access (eg mobile phone away from home) access to security cameras on
the 10.x.y.z network.

I only changed to the present setup (Velops in dumb bridge mode, router
acting as DHCP server for network) when I began having intermittent
problems with some devices (not always the same ones, though they were
all Android or iPad) failing to browse to rented webspace. And that
continued after I'd changed to the new topology (I couldn't be arsed to
change back again) and was only fixed when the webspace company
(GoDaddy) upgraded their server. They weren't able to identify the
problem before that, even though I sent them Wireshark traces showing a computer doing an HTTP request and getting no response, with TCP packets
being re-sent at ever-doubling intervals of time with no ack from the
webspace server. But as soon as they emailed me to say that they were
upgrading their server, the problem went away, so it looks as if that
was the fix.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 08:41, The Natural Philosopher wrote:

On 23/06/2025 00:13, SteveW wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

I had to stop using my Draytek, as when we switched ISPs, their router
could not be switched to modem mode and I did not want the problems of
double NAT.

I am surprised. Mine worked perfectly

The problem is that the ISP's router also provides the "landline" phone
and they won't release the details to allow me to connect it via a
separate box. Hence I am forced to use their router and, as it cannot be switched to a modem only mode (as I did with our previous ISP), I'd end
up with the Draytek double-NATted.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 23 Jun 2025 15:09:29 +0100, SteveW wrote:

On 23/06/2025 08:41, The Natural Philosopher wrote:

On 23/06/2025 00:13, SteveW wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

I had to stop using my Draytek, as when we switched ISPs, their router
could not be switched to modem mode and I did not want the problems of
double NAT.

I am surprised. Mine worked perfectly

The problem is that the ISP's router also provides the "landline" phone
and they won't release the details to allow me to connect it via a
separate box. Hence I am forced to use their router and, as it cannot be switched to a modem only mode (as I did with our previous ISP), I'd end
up with the Draytek double-NATted.

Time for a different ISP then.

"Round our way" it's become an interesting tussle between BT, Sky, Virgin
and BRSK.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

SteveW <steve@walker-family.me.uk> wrote:

On 23/06/2025 08:41, The Natural Philosopher wrote:

On 23/06/2025 00:13, SteveW wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

I had to stop using my Draytek, as when we switched ISPs, their router
could not be switched to modem mode and I did not want the problems of
double NAT.

I am surprised. Mine worked perfectly

The problem is that the ISP's router also provides the "landline" phone
and they won't release the details to allow me to connect it via a
separate box. Hence I am forced to use their router and, as it cannot be switched to a modem only mode (as I did with our previous ISP), I'd end
up with the Draytek double-NATted.

I run double IPv4 NAT, putting my own router behind my ISP's router. That's primarily because the ISP router's Broadcom modem gets better VDSL speed and more stability than my router's Lantiq modem, despite trying several modem firmware versions. It also means my internet-facing router gets security updates provided by my ISP. Between the two routers is a kind of 'DMZ' that
I can put internet-facing machines without letting them see my internal network, allowing access from the internet via port forwarding settings on
the ISP router. Changing ISP is just a case of switching the outer router
and everything else stays the same.

Double NAT has turned out not to be a problem - it can cause troubles for
some online gaming (I don't) and for SIP VOIP (which for me works fine using STUN).

Slightly more awkward is propagating a suitable IPv6 range to the internal network - depends on how the ISP router is set up.

Theo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 09:40, Pancho wrote:

On 6/23/25 08:40, The Natural Philosopher wrote:

On 22/06/2025 20:09, Andy Burns wrote:

NY wrote:

I wonder if any routers can be set to Class B addresses

My Draytek allow up to 1021 addrs (so a supernet of 4x class C) on
LANs 1-3 and 253 addrs on LANs 4-8, plus the DMZ and routed subnet.

Mine will allow anything I damn well choose. Class C with a netmask
spanning 512 addresses would be my easiest choice, or set up a class B

He means he can't connect his Draytech direct to the ISP connection.

He needs some kind of ONT/Modem/Handshaking protocol to manage the
connection to the ISP. It is this ISP device that insists on introducing
a NAT layer. The Draytech has to be connected behind the ISP device NAT.
If the Draytech isn't controlling a NAT layer, it doesn't serve much
purpose.

My draytek is behind such a fibre ONT. As supplied by Open Retch
It imposes nothing on me at all.

VirginMedia used to work like that for a bit, when they introduced the Superhub, but they quickly introduced a firmware update to allow it to
run in modem only mode.

I'd be interested to know what ISP has this restriction.

It sounds utterly weird.

My router does PPPoE with its *public* interface set to whatever the ISP demands (sets up with DHCP)

The ethernet to the ONT is not even IP- addressed . It is a pure bridge.

The routers *private* IP network is a free choice.


--
"It is an established fact to 97% confidence limits that left wing
conspirators see right wing conspiracies everywhere"

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 09:56, Jethro_uk wrote:

On Mon, 23 Jun 2025 08:37:24 +0100, The Natural Philosopher wrote:

Indeed. Devices - despite Occam's Razor - do seem to multiply beyond
necessity.

Temperature sensors x 7
Curtain motors x 4
Lights x 8

Switched plugs x 5
Thermostat
My PCs and server x 5
Phones x 4
iPads x 2
TV
TiVo
BluRay
Mesh Network x 3
SmartMeter
Robovac
Google Nest x 3
Booster routers x 2

to be getting on with. And some of those need 2 ...

God help you if the internet goes down,
Do you REALLY need IP addressable curtains?
And lights that you can turn on from the other side of the world?
And WTF is a booster router.

--
To ban Christmas, simply give turkeys the vote.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 10:04, Theo wrote:

Pancho <Pancho.Jones@protonmail.com> wrote:

On 6/22/25 19:13, Theo wrote:

SH <i.love@spam.com> wrote:

one thing that can be done is install a Smoothwall or IPCop with 4 NICs. >>>> One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254 >>>> and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile >>>> phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN. >>>

You don't need multiple NICs, a router that supports VLANs and a 'smart' >>> switch with VLAN support (TP-Link, £25) is enough. Flashing your router with
OpenWRT or DD-WRT is a way to get VLAN support.

Surely, you can't run a VLAN without VLAN switches. I don't think any of
my switches support VLAN tags.

You can pass VLAN tagged frames through a non-VLAN switch, but if you want
to split off the VLANs to different switch ports you need a switch that
knows about VLANs. One of these will do it:

https://www.amazon.co.uk/TP-Link-Snooping-Monitoring-Interface-TL-SG608E/dp/B0BVRK6L2V

What is the problem with having multiple subnets: 192.168.0.x,
192.168.1.x etc.

You can't typically run multiple subnets on the same interface.

All linux based systems allow that.
Nearly all routers are linux based.

If the
router allows you can have one bigger subnet though, ie 192.168.0.0/23.

(technically you can, but it's messy)

Actually that is very easy and totally legal.
You can have a 192.168.0.0/16 if you want

I assumed I could set my LAN subnet up to 16 bits, instead of 8. Or
alternatively, have multiple 8 bit subnets, with appropriate routing
rules between them, if any were required.

If your router allows you to set up multiple subnets and map them to its different ports then that might work. Most routers have a 5-port
VLAN-tagged switch internally with the LAN and WAN ports being the 5 ports
on the switch (no hardware difference between LAN and WAN side). Usually VLANs are used to link LAN1-4 as one network and WAN as another network, but there's no reason you can't assign LAN1 to a VLAN of your creation and LAN2 to a different VLAN, etc.

That assumes your router allows that - OpenWRT does, I can't speak for other routers.

I've never tried because I only have about 10 smart plugs. ARP is only
showing about 25 current devices.

Another reason you might do it is to have different firewall rules - eg I have a VLAN with no internet connectivity so printers can't phone home and download firmware updates that block using aftermarket cartridges.

Theo

--
To ban Christmas, simply give turkeys the vote.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline" phone
and they won't release the details to allow  me to connect it via a
separate box. Hence I am forced to use their router and, as it cannot be switched to a modem only mode (as I did with our previous ISP), I'd end
up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?
Double NATTING should actually work...

--
“Those who can make you believe absurdities, can make you commit atrocities.”

― Voltaire, Questions sur les Miracles à M. Claparede, Professeur de Théologie à Genève, par un Proposant: Ou Extrait de Diverses Lettres de
M. de Voltaire

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 23 Jun 2025 18:44:01 +0100
The Natural Philosopher <tnp@invalid.invalid> wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as
it cannot be switched to a modem only mode (as I did with our
previous ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?
Double NATTING should actually work...

I used to run (for a client) an MS Small Business Server behind double
NAT, and often accessed its PPTP VPN (20 years ago) through my own
double NAT. Online games were not played at either end, so there was
never a problem. Apart from my first few years on the Net, I've always
run double NAT.

--
Joe

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 23 Jun 2025 18:39:42 +0100, The Natural Philosopher wrote:

On 23/06/2025 09:56, Jethro_uk wrote:

On Mon, 23 Jun 2025 08:37:24 +0100, The Natural Philosopher wrote:

Indeed. Devices - despite Occam's Razor - do seem to multiply beyond
necessity.

Temperature sensors x 7 Curtain motors x 4 Lights x 8

Switched plugs x 5 Thermostat My PCs and server x 5 Phones x 4 iPads x
2 TV TiVo BluRay Mesh Network x 3 SmartMeter Robovac Google Nest x 3
Booster routers x 2


to be getting on with. And some of those need 2 ...

God help you if the internet goes down,
Do you REALLY need IP addressable curtains?

I don't. But SWMBO is wheelchair bound

And lights that you can turn on from the other side of the world?

See above

And WTF is a booster router.

I had to add an old 2Wire router into the mix as some IoT things insist
on a pure 2.4GHz network, not a dual 2.4/5 one.

The point about relying on the internet is well taken. However whilst I
am sure it would be possible to setup a local voice-control hub and may
be worth working towards it, for *now* SWMBO can enjoy some semblance of
normal life.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

The Natural Philosopher <tnp@invalid.invalid> wrote:

On 23/06/2025 10:04, Theo wrote:

Pancho <Pancho.Jones@protonmail.com> wrote:

What is the problem with having multiple subnets: 192.168.0.x,
192.168.1.x etc.

You can't typically run multiple subnets on the same interface.

All linux based systems allow that.
Nearly all routers are linux based.

If the
router allows you can have one bigger subnet though, ie 192.168.0.0/23.

(technically you can, but it's messy)

Actually that is very easy and totally legal.
You can have a 192.168.0.0/16 if you want

That's a single subnet with a /16 mask. Class A/B/C have been dead and
buried for 30 years, you can pick whatever granularity you like, eg a /23,
/19 or whatever. If you do that it's still a single subnet.

I meant putting two subnets say 192.168.2.0/24 and 192.168.49.0/24 on the
same interface. You can assign the IPs to the interface, but suppose a
client wants to do DHCP - which subnet does it get an address in? Yes you
can configure the DHCP server to give fixed mappings in either subnet and default to allocating unrecognised devices IPs in one subnet.

I'm also not sure what happens with broadcast traffic, such as mDNS.

That's what I mean about it can be done, but it's messy.

Theo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 18:44, The Natural Philosopher wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as it
cannot be switched to a modem only mode (as I did with our previous
ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?
Double NATTING should actually work...

Its probably ZEN. I use ZEN for Fibre but use a third party VOIP
service. As ZEN don't lock down the router I can use that to connect to
my VOIP provider.

Dave

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 18:44, The Natural Philosopher wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as it
cannot be switched to a modem only mode (as I did with our previous
ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?

Yes it is OpenReach. However the ISP is Vodafone, who don't generally
release the required details.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 6/24/25 00:35, SteveW wrote:

On 23/06/2025 18:44, The Natural Philosopher wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as it
cannot be switched to a modem only mode (as I did with our previous
ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?

Yes it is OpenReach. However the ISP is Vodafone, who don't generally
release the required details.

Hiding VoIP details is quite common. TNP's ISP do it too, IDNet. I
suspect this is because of the VoIP support issues related to people
using their own equipment.

I'm also not sure if "won't release details" is the same as locking down
the router so you can't find them for yourself.

Anyway, when I set up a new IDNet connection for my late mother, I
didn't take IDNet's own VoIP offering. I went with A&A which was a
little tricky to set up, different to Sipgate, but ultimately fine.

For low use A&A are perfect. I will switch to them myself when my
Sipgate credit runs out (if it ever does).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 6/23/25 10:04, Theo wrote:

Pancho <Pancho.Jones@protonmail.com> wrote:

On 6/22/25 19:13, Theo wrote:

SH <i.love@spam.com> wrote:

one thing that can be done is install a Smoothwall or IPCop with 4 NICs. >>>> One is to connect to Router (WAN), one for a DMZ, one for a wired LAN
and one for a Wireless WiFi LAN.... so thats two sets of 192.168.X.1-254 >>>> and 192.168.Y.(1-254) IP addresses.

All my NASes, PiHole, Wireguard, desktop PCs, TV sets, Satellite
recievers, CCTV and intruder/fire alarm are on WIRED LAN, all the mobile >>>> phones, tablets and laptops and the Roku sticks are on the WIRELESS LAN. >>>

You don't need multiple NICs, a router that supports VLANs and a 'smart' >>> switch with VLAN support (TP-Link, £25) is enough. Flashing your router with
OpenWRT or DD-WRT is a way to get VLAN support.

Surely, you can't run a VLAN without VLAN switches. I don't think any of
my switches support VLAN tags.

You can pass VLAN tagged frames through a non-VLAN switch, but if you want
to split off the VLANs to different switch ports you need a switch that
knows about VLANs. One of these will do it:

https://www.amazon.co.uk/TP-Link-Snooping-Monitoring-Interface-TL-SG608E/dp/B0BVRK6L2V

That is interesting, I didn't know I could use non VLAN switches. My
router only has two NIC interfaces WAN and LAN, so this info is
potentially useful. I thought about VLANs 10-15 years ago, for a dual
WAN setup I had at the time, but discounted a VLAN due to non-compliant switches, perhaps I was wrong. Although, maybe there were other issues,
like subnet broadcast stuff. Anyway, too long ago for me to remember.

[snip]

Another reason you might do it is to have different firewall rules - eg I have a VLAN with no internet connectivity so printers can't phone home and download firmware updates that block using aftermarket cartridges.

My router, pfSense, allows me to define "Firewall ALiases". Which are
arbitrary groups of IPs. I can define firewall rules like "no phone
home" on an Alias basis.

The problem with open source router software, is that once you get happy
with one, the thought of changing becomes horrific.

FWIW, many weeks of "no phone home" killed my mesh WiFi. No phone home
blocked each mesh node's ntp time sync, to a hardcoded WAN address,
eventually they got out of sync and went into go slow mode.

Theo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 20:59, Jethro_uk wrote:

The point about relying on the internet is well taken. However whilst I
am sure it would be possible to setup a local voice-control hub and may
be worth working towards it, for *now* SWMBO can enjoy some semblance of normal life.

I apologise completely. The thought of an extreme disability did not
cross my mind.


--
“The ultimate result of shielding men from the effects of folly is to
fill the world with fools.”

Herbert Spencer

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 24/06/2025 08:47, Pancho wrote:

On 6/24/25 00:35, SteveW wrote:

On 23/06/2025 18:44, The Natural Philosopher wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as it
cannot be switched to a modem only mode (as I did with our previous
ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?

Yes it is OpenReach. However the ISP is Vodafone, who don't generally
release the required details.

Hiding VoIP details is quite common. TNP's ISP do it too, IDNet. I
suspect this is because of the VoIP support issues related to people
using their own equipment.

I'm also not sure if "won't release details" is the same as locking down
the router so you can't find them for yourself.

Unfortunately it's both.

I may get my son onto it when he is next home - he's just gained a 1st
class honours degree in Cybersecurity and Forensics (plus the Dean's
award for excellence in the subject); was on the committee of the
university's Hacking Society; works for the authorities in that field;
and loves nothing more than hacking routers - he's usually got at least
one with wires coming out to access its JTAG interfaces.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 23/06/2025 22:03, Theo wrote:

The Natural Philosopher <tnp@invalid.invalid> wrote:

On 23/06/2025 10:04, Theo wrote:

Pancho <Pancho.Jones@protonmail.com> wrote:

What is the problem with having multiple subnets: 192.168.0.x,
192.168.1.x etc.

You can't typically run multiple subnets on the same interface.

All linux based systems allow that.
Nearly all routers are linux based.

If the
router allows you can have one bigger subnet though, ie 192.168.0.0/23.

(technically you can, but it's messy)

Actually that is very easy and totally legal.
You can have a 192.168.0.0/16 if you want

That's a single subnet with a /16 mask. Class A/B/C have been dead and buried for 30 years, you can pick whatever granularity you like, eg a /23, /19 or whatever. If you do that it's still a single subnet.

Oh. Ok. I thought the idea was just to extend address space.
A B C exist as conventions still.

I meant putting two subnets say 192.168.2.0/24 and 192.168.49.0/24 on the same interface. You can assign the IPs to the interface, but suppose a client wants to do DHCP - which subnet does it get an address in? Yes you can configure the DHCP server to give fixed mappings in either subnet and default to allocating unrecognised devices IPs in one subnet.

DHCP isn't really designed to exist across two subnets. I mean if the
tow subnets are not physically separated at some point, what is the
point of making them separatte at all?

I can create a second LAN network here but the proviso is that it's
accessed via a different wifi SSID. And that has a difference DHCP
server assigned.

If you are fully wired at some level you would need to isolate the two
networks for there to be any point in having them

I'm also not sure what happens with broadcast traffic, such as mDNS.

Don't think that is any problem once you get the thing working.

That's what I mean about it can be done, but it's messy.

Theo

--
“The ultimate result of shielding men from the effects of folly is to
fill the world with fools.”

Herbert Spencer

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 24/06/2025 00:35, SteveW wrote:

On 23/06/2025 18:44, The Natural Philosopher wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as it
cannot be switched to a modem only mode (as I did with our previous
ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?

Yes it is OpenReach. However the ISP is Vodafone, who don't generally
release the required details.

Well that is crap.
Time to change to an ISP who does.

When I moved from ASL to fibre i didn't even change the PPP login. IDnet
kept everything the same.

In fact from there perspective I am not sure anything HAD changed, They probably saw the same frames coming in to their termination kit ...just
via a different mechanism.

There are ISPs who gear their tech towards numpties, and there are ISPs
who are happy to support technically sophisticated ones.

--
All political activity makes complete sense once the proposition that
all government is basically a self-legalising protection racket, is
fully understood.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 24/06/2025 08:47, Pancho wrote:

On 6/24/25 00:35, SteveW wrote:

On 23/06/2025 18:44, The Natural Philosopher wrote:

On 23/06/2025 15:09, SteveW wrote:

The problem is that the ISP's router also provides the "landline"
phone and they won't release the details to allow  me to connect it
via a separate box. Hence I am forced to use their router and, as it
cannot be switched to a modem only mode (as I did with our previous
ISP), I'd end up with the Draytek double-NATted.

Ah.
Time to change your ISP I suspect. Is it not BT fibre then?

Yes it is OpenReach. However the ISP is Vodafone, who don't generally
release the required details.

Hiding VoIP details is quite common. TNP's ISP do it too, IDNet. I
suspect this is because of the VoIP support issues related to people
using their own equipment.

Yep. Which is why I will probably not use them for VOIP. They are
selling IIRC BTs servie only

I'm also not sure if "won't release details" is the same as locking down
the router so you can't find them for yourself.

Could well be.

Anyway, when I set up a new IDNet connection for my late mother, I
didn't take IDNet's own VoIP offering. I went with A&A which was a
little tricky to set up, different to Sipgate, but ultimately fine.

For low use A&A are perfect. I will switch to them myself when my
Sipgate credit runs out (if it ever does).

Agreed. Sound plan

--
In theory, there is no difference between theory and practice.
In practice, there is.
-- Yogi Berra

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 24 Jun 2025 09:52:25 +0100, The Natural Philosopher wrote:

On 23/06/2025 20:59, Jethro_uk wrote:

The point about relying on the internet is well taken. However whilst I
am sure it would be possible to setup a local voice-control hub and may
be worth working towards it, for *now* SWMBO can enjoy some semblance
of normal life.

I apologise completely. The thought of an extreme disability did not
cross my mind.

Sadly used to it.

The older I get, the more I subscribe to the principle "do not let
perfection be the enemy of progress".

Yes, what I have is a lash-up. However, having started 10 years ago in
various ways, I'm pleased I did. Because I am now 10 years down the line
whilst most things haven't moved at all.

Currently my biggest bugbear is that if the internet goes down, a lot of devices won't work by voice. Now if there is a power cut then it's
obvious that internet or no internet, you are shafted.

However I've had 2 internet outages in the past 12 months, and they have
been a nuisance. I have a 5G dongle, but not yet found a suitable
failover router.

There is also the ink cartridge problem that really I need an everlasting
SIM that is PAYG. And a network config that puts the smart crap into it's
own little subnet so that the failover internet isn't streaming the
latest Netflix in 4K ...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

John R Walliker <jrwalliker@gmail.com> wrote:

On 23/06/2025 22:03, Theo wrote:

I'm also not sure what happens with broadcast traffic, such as mDNS.

That's what I mean about it can be done, but it's messy.

Broadcast traffic doesn't care about subnets, so it will be visible
from all of the subnets on any interface.

Yes, and the consequence is... what exactly?

I think for mDNS you'll have a broadcast saying 'hey I'm an HP Laserjet Whatever, my hostname is laserjet-whatever.local, my IP is 192.168.49.33 and I'm a printer!' and then clients on both subnets will see that. So a client
on the .2.x subnet will autodetect the printer on the .49.x subnet. But I think the .2.x client won't have a direct route to that printer, so it'll
send traffic via the router. If the router chooses not to forward traffic between the subnets then attempting to print will fail.[1]

Basically you have kind of a halfway position between having all the clients
on the same subnet and having them on separate networks, with complications where they in one camp or the other.

Theo

[1] On my setup I have the opposite problem of wanting to print to printers
on an isolated subnet. I use Avahi on the router to relay mDNS between
subnets so they are autodetected and AirPrint etc work.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Pancho <Pancho.Jones@protonmail.com> wrote:

That is interesting, I didn't know I could use non VLAN switches. My
router only has two NIC interfaces WAN and LAN, so this info is
potentially useful. I thought about VLANs 10-15 years ago, for a dual
WAN setup I had at the time, but discounted a VLAN due to non-compliant switches, perhaps I was wrong. Although, maybe there were other issues,
like subnet broadcast stuff. Anyway, too long ago for me to remember.

The consumer 'smart' switches support VLANs, QoS and other things that you'd expect to find in a 'big' enterprise switch, but they barely cost any more
than an unmanaged switch nowadays. It's got to the point where gigabit ethernet is sufficiently slow compared to modern silicon that these features come almost for free.

My router, pfSense, allows me to define "Firewall ALiases". Which are arbitrary groups of IPs. I can define firewall rules like "no phone
home" on an Alias basis.

The problem with open source router software, is that once you get happy
with one, the thought of changing becomes horrific.

Once the firewall rules get too complicated it gets messy to change them :-)

FWIW, many weeks of "no phone home" killed my mesh WiFi. No phone home blocked each mesh node's ntp time sync, to a hardcoded WAN address, eventually they got out of sync and went into go slow mode.

I wonder if they will accept an NTP server sent via DHCP? That could be a
way to retarget them to an internal server.

I suppose you could also NAT the hardcoded WAN address to something else, eg something internal? Or hijack their DNS if they are doing a lookup first?

Theo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 24 Jun 2025 08:47:15 +0100, Pancho wrote:

Anyway, when I set up a new IDNet connection for my late mother, I
didn't take IDNet's own VoIP offering. I went with A&A which was a
little tricky to set up, different to Sipgate, but ultimately fine.

I've been using A&A VoIP for at least ten years. Light outgoing use, and heavier incoming. We have ten numbers, for various reasons. In our case, I
run Asterisk, which just registers with their servers.

For low use A&A are perfect. I will switch to them myself when my
Sipgate credit runs out (if it ever does).

A while ago I moved my Sipgate number to A&A. Painless, and they refunded
my outstanding balance of about six pounds!



--
My posts are my copyright and if @diy_forums or Home Owners' Hub
wish to copy them they can pay me £1 a message.
Use the BIG mirror service in the UK: http://www.mirrorservice.org
*lightning surge protection* - a w_tom conductor

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 24/06/2025 10:58, Theo wrote:

John R Walliker <jrwalliker@gmail.com> wrote:

On 23/06/2025 22:03, Theo wrote:

I'm also not sure what happens with broadcast traffic, such as mDNS.

That's what I mean about it can be done, but it's messy.

Broadcast traffic doesn't care about subnets, so it will be visible
from all of the subnets on any interface.

Yes, and the consequence is... what exactly?

I think for mDNS you'll have a broadcast saying 'hey I'm an HP Laserjet Whatever, my hostname is laserjet-whatever.local, my IP is 192.168.49.33 and I'm a printer!' and then clients on both subnets will see that. So a client on the .2.x subnet will autodetect the printer on the .49.x subnet. But I think the .2.x client won't have a direct route to that printer, so it'll send traffic via the router. If the router chooses not to forward traffic between the subnets then attempting to print will fail.[1]

Basically you have kind of a halfway position between having all the clients on the same subnet and having them on separate networks, with complications where they in one camp or the other.

Exactly. Look at the reasons WHY we have subnets AT ALL.

(That is, networks on different addresses connected by a router)

The original issue was to reduce wide area network traffic. And allow
multiple routes to a singe destination to co-exist.

The Internet was built originally as a military network

Then the ideas of local area networks arose. Being areas of high traffic
that was isolated from the Internet.

Again here subbnetting was a way to reduce traffic density - especially
in the days of coax cable Ethernet.

But Ethernet itself offered another possibility of routing at the
Ethernet level, as every machine had not just a unique IP address but a
unique MAC Ethernet address

And self learning bridges first, and then Ethernet switches used MAC
level filtering to contain traffic to single wire segments .

So the *traffic* problems was solved by star network structured cabling
and switches.
leaving the only purpose of subnetting to *limit access*.

So I can have a separate wifi login that goes to a different subnet that restricts access to my home network for house 'guests' who still ant to
use the internet

But in terms of opening up spaces for a home network to have more than
253 local machines on it (excluding the router) there is simply no point
in creating a *routed* subnet.
DHCP can then issue the correct netmasks to operate on that network.

Especially in today's WiFi connection which shares radio space anyway -
we have lost the benefits of Ethernet cables and switches.

Just make your home network 1024 machines wide, or whatever


--
Any fool can believe in principles - and most of them do!

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)