The significance of dividing the subnet

Source: Internet
Author: User
The following is from the author of the "network administrator must read-Super network Management Experience" (2nd edition)   The first thing to understand here is what it means to make a molecular network, which is one of the things that many readers don't understand. As we all know, the use of subnetting subnet in the subnet division not only can not increase the new available IP address, but also loss of a part of the IP address. To illustrate this issue, we must first understand the concept of broadcasting in the local area network. We know that although the switch replaces the hub, the number of broadcast packets in the LAN is significantly reduced, because the switch has the MAC address learning function, packet sending can be sent directly to the destination node. But it still has to be broadcast to find the destination node in the first place, and some packets have to be transmitted by broadcast. Therefore, the problem of packet broadcast transmission still exists in the switched LAN. We all know that the so-called broadcast transmission, that is, to all nodes in the network to send the same packet, which is bound to occupy a considerable amount of network resources (because each broadcast packet hardware devices to analyze it), especially bandwidth resources. But the most annoying thing is that what really works for the terminal in these broadcast transmissions is just one of all the broadcast receivers, because the purpose of broadcasting is to query the target user's MAC address, so that is in all broadcast transmission, the vast majority of is not taken to any role, is purely a waste of resources. And the larger the network, the more resources the broadcast packet sends (because the more it will be transmitted over the radio), the more likely it is that a broadcast storm will be formed, and normal network traffic may be interrupted, causing the network to become paralyzed. Now, not a few hackers routinely use denial of service (DoS) similar to this approach, commonly used to attack some of the more famous web sites, only need to constantly send a large number of data packets to the Web server, so that the server is tired of processing these packets, the server's entire system and bandwidth resources, so that it eventually crashes. Knowing the above facts, we know the following aspects of dividing the subnet. First, one of the most important significance is to reduce the negative impact of broadcasting, improve performance of the overall performance. Because broadcast packets can only be transmitted in the same network segment, the network size is small, the number of users in the network is less, of course, the resources occupied are less. Second, the IP address resource is saved. This seems to contradict the previous reduction in the number of connected hosts, but it depends on the specific object. For the larger (more than 200 users) of the network, the number of IP addresses available after the molecular network is reduced, but if for those small small business networks, the network can save a lot of IP address resources. Because several small networks can share a large network address range, but also can take the role of isolation. For example, you are a school network management, now your school in different locations have four room, each room 25 machines, need to configure IP address and subnet mask for these machines. You might think it's easier to use 4 C-class addresses, one for each room, and one by one forIt's done. This is theoretically true, but did you ever think it would be wasteful, you wasted a total of (254-25) *4=916 IP address, if the public network also do as you do, then the Internet IP address already exhausted. By dividing the subnet, you can accommodate this relatively independent subnet in the same Class C network.

Again, because the different subnets can not communicate directly (but can be done through routers or gateways), in the network security situation is not optimistic today, the smaller the network, security is relatively high, because of the small intrusion. Especially for those corporate sensitive sectors, such as finance and personnel. Moreover, small networks can easily deploy special security policies, and in large networks these special security policies may affect the work of other users. The last one is easy to maintain. You know, a large network to find the point of failure is quite difficult, if the scale of the network is reduced, the scope of the search is small, and more convenient to maintain. "Experience" division of the subnet is not a benefit and no harm. It has two disadvantages: fewer hosts to connect (as opposed to larger networks) and no direct communication between subnets. Because each subnet has a network address and broadcast address is not a host address, so in a subnet there are 2 IP addresses are "wasted" off, the more subnets, the number of wasted IP address more. As for each subnet cannot communicate directly, it can be said to be both its benefits, but also its harm. Previously introduced, each subnet can not communicate, improve the security between the subnets, and for some departments to often through the network of enterprises, it will bring a lot of inconvenience, affect the efficiency. This should be carefully considered, but it also requires careful consideration when making subnetting. Of course, the connection between subnets can be achieved through a router or gateway, as shown in Figure 3-1. However, this may increase the investment in some devices (since small networks can be implemented using a software router or gateway that comes with the system without increasing investment).   To sum up, the molecular network is not applicable to all enterprises, nor is it applicable to all industries. For enterprises or industries with relatively independent work, it is advisable to delimit the molecular network. And for those IP resources are not enough, the links between the departments are very close to the best not to draw molecular networks.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.