IP Default-Network/IP Subnet-Zero Exploit--or old news?

From: Mas Kato (tealp729@xxxxxxxx)
Date: Thu May 03 2001 - 03:21:44 GMT-3


   
Hello everybody,

I've been playing around with the ole' FLSM network-to-VLSM network
reachability scenario and may have stumbled across an 'ip
default-network' / 'ip subnet-zero' exploit. It's a variation on
something I found in the archives--but I'm not sure if it's old news or
not, so I thought I'd throw it out there and have you guys rip it to
shreds...

Major network: 172.16.0.0

OSPF/28--(R3)--OSPF/24--(R5)--IGRP/24--(R2)

Goal: Provide reachability to the OSPF/28 network from the IGRP/24
network while avoiding statics, blah, blah...

One of the archived suggestions is to configure a classful loopback on
R5, have IGRP advertise it to R2 and then use the 'ip default-network'
command on R2, referencing the classful network. Fine--but what if we're
limited to using subnets from just one major network?

Well, since the 'ip default-network' command is classful, if we
reference a subnet of our major network we get that lovely static route
installed to the major net and then we have to issue the 'ip
default-network' command again, this time referencing the major net. Ug.

Here's what it looked like on R2:

Gateway of last resort is 172.16.5.0 to network 172.16.0.0

 * 172.16.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.16.52.0/24 is directly connected, Ethernet0
I 172.16.35.0/24 [100/7100] via 172.16.52.5, 00:00:13, Ethernet0
I 172.16.5.0/24 [100/1600] via 172.16.52.5, 00:00:13, Ethernet0
S* 172.16.0.0/16 [1/0] via 172.16.5.0
C 172.16.2.0/24 is directly connected, Loopback0
R2#

But then I got to thinking, "yo, what if the subnet we reference is
subnet zero?"

Now check out R2 (no static!):

Gateway of last resort is 172.16.52.5 to network 172.16.0.0

 * 172.16.0.0/24 is subnetted, 5 subnets
C 172.16.52.0 is directly connected, Ethernet0
I 172.16.35.0 [100/7100] via 172.16.52.5, 00:01:16, Ethernet0
I* 172.16.0.0 [100/1600] via 172.16.52.5, 00:01:16, Ethernet0
C 172.16.2.0 is directly connected, Loopback0
R2#

Analysis, feedback, gotchas, etc. welcomed...

Regards,

Mas Kato

(Config snippets follow...)

!!!!!!!!!!
hostname R5
!
ip subnet-zero
!
interface Loopback0
 ip address 172.16.0.5 255.255.255.0
!
interface Ethernet0
 ip address 172.16.52.5 255.255.255.0
!
interface Serial1
 bandwidth 2000
 ip address 172.16.35.5 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 redistribute igrp 1 metric 10 subnets route-map IGRPNETS
 network 172.16.35.0 0.0.0.255 area 0
!
router igrp 1
 redistribute ospf 1 metric 2000 2000 255 1 1500
 passive-interface Serial1
 network 172.16.0.0
!
ip classless
!
access-list 1 permit 172.16.0.0 0.0.0.255
access-list 1 permit 172.16.2.0 0.0.0.255
access-list 1 permit 172.16.52.0 0.0.0.255
route-map IGRPNETS permit 10
 match ip address 1
!
end
R5#

!!!!!!!!!!
R2#
hostname R2
!
ip subnet-zero
!
interface Loopback0
 ip address 172.16.2.1 255.255.255.0
!
interface Ethernet0
 ip address 172.16.52.2 255.255.255.0
!
router igrp 1
 network 172.16.0.0
!
ip classless
ip default-network 172.16.0.0
end
R2#
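
Added example, not part of the original post and not IOS code: a simplified Python model of the classful check the post describes, showing why a subnet argument to 'ip default-network' yields a static route to the major net while subnet zero is accepted as the major net itself. The function names and the route list (transcribed from the second R2 table above) are assumptions made for illustration.

```python
import ipaddress


def classful_network(addr):
    """Return the classful (A/B/C) major network that contains addr."""
    ip = ipaddress.IPv4Address(addr)
    first_octet = int(ip) >> 24
    if first_octet < 128:
        prefix = 8       # class A
    elif first_octet < 192:
        prefix = 16      # class B
    elif first_octet < 224:
        prefix = 24      # class C
    else:
        raise ValueError(f"{addr} is not a class A, B or C address")
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def default_network_effect(arg, routes):
    """Model the two outcomes reported in the post.

    Returns (static_route, flagged_routes):
    - arg is a subnet of its major net: a static route to the major net
      via that subnet is generated and nothing is flagged yet.
    - arg equals the major network number (true for subnet zero as well):
      no static route; routes carrying that network number are flagged
      as candidate default.
    """
    major = classful_network(arg)
    if ipaddress.IPv4Address(arg) != major.network_address:
        static = f"ip route {major.network_address} {major.netmask} {arg}"
        return static, []
    flagged = [r for r in routes
               if ipaddress.ip_network(r).network_address == major.network_address]
    return None, flagged


# Routes transcribed from the second R2 table in the post (all /24).
R2_ROUTES = ["172.16.52.0/24", "172.16.35.0/24", "172.16.0.0/24", "172.16.2.0/24"]

if __name__ == "__main__":
    print(default_network_effect("172.16.5.0", R2_ROUTES))  # subnet case
    print(default_network_effect("172.16.0.0", R2_ROUTES))  # subnet-zero case
```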