Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Appropriate router for managed office space

Discussion in 'Routers' started by Delnet, Jun 19, 2017.

  1. Delnet

    Delnet New Around Here

    Joined:
    Feb 11, 2012
    Messages:
    2
    Location:
    Brighton
    Hi,

    I'm looking for advice and a recommendation for a router for our new office space inside a managed building. We have been assigned a static IP address and subnet of 255.255.255.252 which I believe give us x.x.x.92-95. We came from an environment where we had BT Fibre and the setup was pretty simple, idiot proof.

    We moved into our new space today and it's clear our BT router isn't compatible with this setup but I'm not 100% sure which type of router we need. I'm guessing it's a WAN-LAN router to connect the managed service to our LAN which would give us something like 192.168.1.1-254 locally, just like our BT fibre router did.

    Is this correct? And if so, can you recommend a suitable router for a small business with ~20 employees?

    We are currently running off a 4G router and data plan which has bridged the gap until we find a solution.

    Thanks in advance!

    Del
     
  2. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    Contact BT - they might have a good solution for you...

    Depending on how many seats you have, EdgeRouter X or a MicroTik hEX might be a working solution, along with one or more AP's

    Depends on your needs.
     
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    3,887
    Location:
    UK
    Be a bit careful here... A true subnet of 255.255.255.252 will give you 4 addresses but the lowest number (.92) is reserved for the network and the highest (.95) is reserved as the broadcast address, leaving 93 and 94 as the only usable addresses.

    http://jodies.de/ipcalc?host=10.0.0.92&mask1=255.255.255.252&mask2=

    It's possible that they have just given you 4 addresses out of their own larger pool. You'll also need to know the gateway address which presumably the management company has told you.

    You will probably only end up using 1 of your 2 (or 4) IP addresses, in which case more or less any "standard" router will do that has it's own firewall, NAT, DNS, DHCP, etc. (See the Asus RT-AC68U just as an example). What you don't want is one that has a built-in (ADSL/VDSL) modem.

    But as sfx pointed out, your purchase should be based on your other needs. Like how many wired ports do your need, what other network equipment are you connecting and how, do you need wireless, VPN, VLAN, etc.
     
    Last edited: Jun 19, 2017
  4. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    A CIDR/30 is pretty handy, that's why I suggested the ERX/HEX devices over a consumer router...

    As @ColinTaylor says - it's two public IP's, which presents interesting opportunities for a small biz...

    (my ISP does the same thing actually, and I've exploited the heck out of it)
     
  5. coxhaus

    coxhaus Very Senior Member

    Joined:
    Oct 7, 2010
    Messages:
    1,578
    Location:
    texas
    I assume you don't really mean /30 as that is a point to point connection. You probably want to change your statement.
     
  6. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    3,887
    Location:
    UK
    No, he really meant /30 as that is what the OP stated he had (255.255.255.252). It doesn't have to be a point to point link, although that is a common use of a /30 network.

    I did try to emphasize the point of whether or not the OP had a "true subnet", as apposed to being allocated 4 static IP's out of a larger network. As yet @Delnet has not replied so we don't know for sure.
     
    Last edited: Jun 20, 2017
  7. coxhaus

    coxhaus Very Senior Member

    Joined:
    Oct 7, 2010
    Messages:
    1,578
    Location:
    texas
    Yes a /30 is a 252 mask. If he has more IPs then he is not using a /30 mask.
     
  8. CaptainSTX

    CaptainSTX Very Senior Member

    Joined:
    May 2, 2012
    Messages:
    1,312
    It is my understanding is that a /30 gives you 4 IPs of which 2 are useable. I suppose the provider could have given him a /31 or /32 but the question for the OP is he will have more than one IP and if he does what he is going to do with them.
     
  9. coxhaus

    coxhaus Very Senior Member

    Joined:
    Oct 7, 2010
    Messages:
    1,578
    Location:
    texas
    A /30 gives you 4 IP addresses. One being the network IP address and one being the broadcast IP address which leaves one for his IP address and one for the up stream IP address.

    This whole thing started because I thought sfx2000 was recommending a router for more than 1 IP address.
     
  10. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    If the building owner is giving him a .252 netmask, it's a /30

    A /30 on a direct drop give you two public IP addresses, and you can do what you want with them - the challenge with a /30 in consumer space is that both IP's can change at any given time - coxHSI is generally stable however, except when they not (like when rolling out updates on their network).

    The other fun thing about a /30 - it can give you up to 64 subnets if your router can handle it... Which is why I recommended something more than an off the shelf consumer router/AP - both the hex and erx should be fine here...

    BTW - /32 is a point link which is what most ISP's will give you on a DHCP consumer account.

    and /31 is not possible...

    CDIR rocks when you get the hang of it....

    Here's a handy cheatsheet...

    Code:
    Netmask              Netmask (binary)                 CIDR     Notes 
    _____________________________________________________________________________
    255.255.255.255  11111111.11111111.11111111.11111111  /32  Host (single addr)
    255.255.255.254  11111111.11111111.11111111.11111110  /31  Unuseable
    255.255.255.252  11111111.11111111.11111111.11111100  /30    2  useable
    255.255.255.248  11111111.11111111.11111111.11111000  /29    6  useable
    255.255.255.240  11111111.11111111.11111111.11110000  /28   14  useable
    255.255.255.224  11111111.11111111.11111111.11100000  /27   30  useable
    255.255.255.192  11111111.11111111.11111111.11000000  /26   62  useable
    255.255.255.128  11111111.11111111.11111111.10000000  /25  126  useable
    255.255.255.0    11111111.11111111.11111111.00000000  /24 "Class C" 254 useable
    
    255.255.254.0    11111111.11111111.11111110.00000000  /23    2  Class C's
    255.255.252.0    11111111.11111111.11111100.00000000  /22    4  Class C's
    255.255.248.0    11111111.11111111.11111000.00000000  /21    8  Class C's
    255.255.240.0    11111111.11111111.11110000.00000000  /20   16  Class C's
    255.255.224.0    11111111.11111111.11100000.00000000  /19   32  Class C's
    255.255.192.0    11111111.11111111.11000000.00000000  /18   64  Class C's
    255.255.128.0    11111111.11111111.10000000.00000000  /17  128  Class C's
    255.255.0.0      11111111.11111111.00000000.00000000  /16  "Class B"
     
    255.254.0.0      11111111.11111110.00000000.00000000  /15    2  Class B's
    255.252.0.0      11111111.11111100.00000000.00000000  /14    4  Class B's
    255.248.0.0      11111111.11111000.00000000.00000000  /13    8  Class B's
    255.240.0.0      11111111.11110000.00000000.00000000  /12   16  Class B's
    255.224.0.0      11111111.11100000.00000000.00000000  /11   32  Class B's
    255.192.0.0      11111111.11000000.00000000.00000000  /10   64  Class B's
    255.128.0.0      11111111.10000000.00000000.00000000  /9   128  Class B's
    255.0.0.0        11111111.00000000.00000000.00000000  /8   "Class A"
     
    254.0.0.0        11111110.00000000.00000000.00000000  /7
    252.0.0.0        11111100.00000000.00000000.00000000  /6
    248.0.0.0        11111000.00000000.00000000.00000000  /5
    240.0.0.0        11110000.00000000.00000000.00000000  /4
    224.0.0.0        11100000.00000000.00000000.00000000  /3
    192.0.0.0        11000000.00000000.00000000.00000000  /2
    128.0.0.0        10000000.00000000.00000000.00000000  /1
    0.0.0.0          00000000.00000000.00000000.00000000  /0   IP space
     
    Last edited: Jun 20, 2017
  11. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    3,887
    Location:
    UK
  12. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    that's a corner case - fair enough...

    I've never seen a /31 on the public internet, but I'm used to dealing with other pro's there in my daytime job ;)

    Internally - a /31 on a private block, may be useful, which is probably the real utility of that RFC at the end of the day. The /31 is essentially a point to point link, as @coxhaus mentioned above...

    After a bit of thought - I'm wondering if coxHSI is pushing out /30's because of brain-dead routers (or even CPE for their provided consumer prem equipment), if they have the address space, why not?

    Wouldn't be that much different - with ipv6, they'll typically push out a /64 prefix, but if the router asks for a /60, they'll grant it.
     
  13. coxhaus

    coxhaus Very Senior Member

    Joined:
    Oct 7, 2010
    Messages:
    1,578
    Location:
    texas
    So if you have /30 bit mask and have both IPs assigned to the user how is the data getting back to the ISP? Is it at a routing level, layer 3? I would think working at layer 3 would be slower than working at layer 2?

    Oh and by the way I have been doing IPv4 CDIRs for many years. You don't pass Cisco certification without knowing CDIRs. I am out of date now days but I know all the old stuff.

    /31 is used for the even odd thing.
     
    Last edited: Jun 21, 2017
  14. coxhaus

    coxhaus Very Senior Member

    Joined:
    Oct 7, 2010
    Messages:
    1,578
    Location:
    texas
    Using the /31 bit mask is kind of new, well in the last 10 years. If you use a /31 mask you end up with either even or odd IP addresses depends on which IP address you start with. The other thing is you can use /31 mask for a point to point by not having a broadcast IP address. Yes I know all networks are required to have a broadcast IP address but I just looked it up. A point to point never uses a broadcast IP so it works. This was never done in the old days but I guess we are running out of IP addresses. In the old days /30 mask was considered a point to point network.

    So nobody knows how the data gets back to the ISP if the user has both IPs of a /30 mask?
     
  15. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    @coxhaus - I'm not really following your train of thought here with a gateway/host needing two IP's...
     
  16. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    Routing is layer 3 - for that, I'm reasonable certain we can both agree on that...

    With a managed layer 3 switch, that's where a /30 can be fun - if you mock this up in a simulator or lab, you'll see what I mean...
     
  17. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    Getting the thread back on topic - OP's description regarding his new office - the incumbent providers (ATT/CoxBusiness/etc) usually work out a captive agreement with the building owner...

    Everyone ends up on the same provider, and bandwidth costs are part of the lease. Keeps things simple for the building owner and their tenants.

    You'll see the provider then drop in a fiber link to the building, along with an appropriately sized switch...

    Very common in multi-tenant office buildings and industrial parks these days...
     
  18. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    3,887
    Location:
    UK
    I think @coxhaus was wondering the same thing as me. On a normal routed network (rather than point to point) you would have 1) a network address, 2) a broadcast address, 3) a gateway address (for routing to occur) and 4) host addresses.

    That means on a /30 network 3 of the 4 possible addresses are already allocated leaving just 1 not 2.

    I'm guessing that as the OP hasn't returned since posting the question the whole thing is now moot.
     
  19. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    Cox does this in their residential configs...

    assign a /30 to each customer - my thoughts here is that typically they would have two customer endpoints - one for broadband services, the other for a VOIP pad if the customer has their dialtone/pstn service - video is handled at l2 via docsis (they do sdv there, not iptv) - they're not doing vlan's there (yet)

    so for me - I'm 68.aa.bb.144 - that's the host and network ip - as we're routed there, not switched
    GW addr is 68.aa.bb.1 (which is shared across all on the /24 block)
    broadcast is 68.aa.bb.255 (again, shared across the /24 block)

    which leaves me with two usable host IP's, which at the moment I'm only using one, but the other one would be active if I decided to use it.

    If one wanted to be really clever, /30 also provides for up to 64 subnets - I don't think I'd play around inside that with Cox's network though...

    The modem itself is essentially a layer 2 device - it has a management address, in my case it's a 10dot for their management interface.

    Put it into a simulator, and you'll see what I mean...
     
  20. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    11,649
    Location:
    San Diego, CA
    How we discovered what cox was doing - was debugging a Cisco IP-Phone as it wasn't doing the RTP side (possible SIP/ALG issue), so we dropped in a hub between the modem and the router, and the phone grabbed a public IP and no services were impacted... it was odd...

    (the problem with the phone ended up being a bad config provisioned in the phone itself)

    speaking with one of the cox engineers afterwords - he said don't worry about it :D
     

Share This Page