Crossing two subnets on home network Announcing the arrival of Valued Associate #679: Cesar...
How to bypass password on Windows XP account?
3 doors, three guards, one stone
What is the logic behind the Maharil's explanation of why we don't say שעשה ניסים on Pesach?
Apollo command module space walk?
What is the meaning of the new sigil in Game of Thrones Season 8 intro?
Output the ŋarâþ crîþ alphabet song without using (m)any letters
Denied boarding although I have proper visa and documentation. To whom should I make a complaint?
Storing hydrofluoric acid before the invention of plastics
How to react to hostile behavior from a senior developer?
Ring Automorphisms that fix 1.
Can inflation occur in a positive-sum game currency system such as the Stack Exchange reputation system?
Book where humans were engineered with genes from animal species to survive hostile planets
Why do we bend a book to keep it straight?
Is the Standard Deduction better than Itemized when both are the same amount?
Why are there no cargo aircraft with "flying wing" design?
Error "illegal generic type for instanceof" when using local classes
Is it fair for a professor to grade us on the possession of past papers?
Fundamental Solution of the Pell Equation
How come Sam didn't become Lord of Horn Hill?
Can I cast Passwall to drop an enemy into a 20-foot pit?
Should I use a zero-interest credit card for a large one-time purchase?
What would be the ideal power source for a cybernetic eye?
Seeking colloquialism for “just because”
Understanding Ceva's Theorem
Crossing two subnets on home network
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)Allow two subnets to talk to each other over a wireless bridgeTwo routers for two subnetsHow to Connect two LANs?Allow two subnets to talk to each other over a wireless bridgeAccess across subnetsAssigning IP addresses and subnetting on a home networkDual ISP/Network, Force DHCP Clients to One?how to configure isc dchp server with different subnets with different wl-access pointsNon IP-based policy routing on home network across subnetsTrouble setting up home network ( isolating home server )Why does this work?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge
where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.
Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.
Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.
What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!
thanks
networking router dhcp
asked 18 hours ago
Colin MColin M
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge
where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.
Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.
Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.
What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!
thanks
networking router dhcp
asked 18 hours ago
Colin MColin M
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge
where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.
Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.
Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.
What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!
thanks
networking router dhcp
asked 18 hours ago
Colin MColin M
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I've got a similar issue to Allow two subnets to talk to each other over a wireless bridge
where my ISP's Modem/Router was the DHCP server and everything on my network was on the 192.168.1.x subnet, but I bought a second Netgear router to replace a Wifi repeater as I wanted a more reliable signal but also better parental controls.
Unfortunately to be able to use parental controls, the second router (connected to the ISP modem/router via Ethernet) forces me to configure it over a WAN connection to my modem/router and use a new 192.168.2.x subnet with it acting also as a DHCP server.
Now my devices connected to my modem/router on 192.168.1.x can't see everything else connected to the Netgear on 192.168.2.x.
What's the best way to resolve this? Configure both modem/router and Netgear router to use a subnet mask of 255.255.224.0? Or is there more to it than that? Sorry I'm at the limit of my networking knowledge!!
thanks
networking router dhcp
networking router dhcp
asked 18 hours ago
Colin MColin M
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 18 hours ago
Colin MColin M
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 18 hours ago
Colin MColin M
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 18 hours ago
Colin MColin M
1
asked 18 hours ago
Colin MColin M
1
1
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Colin M is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.
Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.
But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.
Method 1
There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.
So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.
Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.
Method 2 and 2½
Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.
So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.
If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)
The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.
There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.
The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)
answered 51 mins ago
grawitygrawity
244k37515576
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Colin M is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1426075%2fcrossing-two-subnets-on-home-network%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.
Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.
But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.
Method 1
There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.
So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.
Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.
Method 2 and 2½
Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.
So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.
If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)
The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.
There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.
The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)
answered 51 mins ago
grawitygrawity
244k37515576
add a comment |
The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.
Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.
But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.
Method 1
There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.
So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.
Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.
Method 2 and 2½
Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.
So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.
If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)
The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.
There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.
The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)
answered 51 mins ago
grawitygrawity
244k37515576
add a comment |
The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.
Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.
But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.
Method 1
There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.
So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.
Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.
Method 2 and 2½
Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.
So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.
If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)
The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.
There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.
The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)
answered 51 mins ago
grawitygrawity
244k37515576
The subnet mask informs devices about whether direct communication is possible ("direct" here means "at Ethernet/MAC layer"). However, it doesn't physically make those communications possible – and in your case, they are not, because there is a router in the middle.
Generally, the subnet mask trick would only work if you switched the Netgear into "bridge" mode and put all devices on a single network with no isolation between them – which indeed is the usual suggestion when people just want a second Wi-Fi access point and have no actual need for the routing functionality.
But as you've stated, you specifically want a router in order to keep the two subnets separate. So using a broader subnet mask is generally the wrong choice because it's the opposite of what you want, and it won't work anyway with a router in the middle.
Method 1
There's an exception to the above: you can use a broader subnet mask if the middle router supports the "Proxy ARP" feature. Enabling this makes the router respond to direct ARP queries on behalf of devices on the "other side", essentially tricking devices into thinking that they're sending packets directly to the other device, while in reality they're talking to a router.
So if the Netgear supports "Proxy-ARP", enable it only on the WAN interface (facing the ISP-router), and then you can configure devices on 192.168.1.x to use a broader subnet mask such as /22 (255.255.252.0) or indeed even /19 (255.255.224.0), although the latter is unnecessarily broad.
Note that the 192.168.2.x side is not changed, as it can already successfully send packets to the ISP-router's subnet due to the Netgear being directly connected to both subnets.
Method 2 and 2½
Routers can already forward traffic between different subnets without any of this proxy-ARP trickery; indeed that's what routers do. Usually the main configuration that is necessary is to tell each side about which router to use for reaching which subnet.
So what you should do is configure a "static route" towards 192.168.2.0 on your ISP-issued router. In the route settings page, fill in the Netgear 'WAN' (192.168.1.x) address as the "gateway" to use.
If the ISP-router makes this impossible, you can also configure the same route on each 192.168.1.x computer individually; that's the second option. (Windows/Linux/macOS support route configuration via ip route or route commands, but other devices usually don't.)
The reverse route does not need to be added manually – the Netgear already has an automatic route to 192.168.1.0 because it is directly attached to that subnet, after all.
There's a slight downside to the second method above (i.e. configuring a route on the ISP-router) – it means all packets from 192.168.1.x to 192.168.2.x first go towards the ISP-router and are bounced back towards the Netgear. It isn't the most efficient data path, but it'll do.
The other two methods do not have this problem. On the other hand, configuring routes on individual computers can be a lot of manual work, meanwhile proxy-ARP is usually not available on low-end routers. (Also, proxy-ARP is the duct tape of networking and I shouldn't have listed it as the first option or possibly even at all, but it'll do.)
answered 51 mins ago
grawitygrawity
244k37515576
answered 51 mins ago
grawitygrawity
244k37515576
answered 51 mins ago
grawitygrawity
244k37515576
answered 51 mins ago
grawitygrawity
244k37515576
244k37515576
add a comment |
add a comment |
Colin M is a new contributor. Be nice, and check out our Code of Conduct.
Colin M is a new contributor. Be nice, and check out our Code of Conduct.
Colin M is a new contributor. Be nice, and check out our Code of Conduct.
Colin M is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1426075%2fcrossing-two-subnets-on-home-network%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
