Enterasys Networks Network Card User Manual

28

RiverMaster Administrator’s Guide

Before You Begin

Chapter 3

Configuring an ANG-3000/7000

Virtual subnets can use both legitimate IP addresses (unique addresses
purchased and registered by your company) and non-routable address ranges
reserved for private network use only. These reserved address ranges include:

H 10.0.0.0 to 10.255.255.254 on a Class A network
H 172.16.0.0 to 172.30.255.254 on a Class B network. Although 172.31.0.0

to 172.31.255.254 is also a reserved range, you cannot define virtual
subnets within this range because addresses in that range may be
taken by the ANG for internal use.

H 192.168.0.0 to 192.168.255.254 on a Class C network

These addresses are not routable outside your corporate network. By using
these addresses for remote clients, you can preserve the routable IP addresses
for LAN devices.

NOTE

If you allocate addresses from one of these non-routable ranges and you

want remote clients to be able to browse the Internet while connected,

you must enable the Intelligent Client Routing described on page 31 or

use network address translation.

There are several advantages to using virtual subnets over other IP address
allocation techniques:

H The ANG can advertise the virtual subnets before remote clients

connect. Using the other techniques, the ANG would only create a
host route when the client connected. Because routing protocols may
take as long as 30 seconds per router to propagate a host route, the
client may remain unreachable for a period of time.

H Creating individual host routes for each remote client as they connect

may overload the network’s routers. Because ANG-5000s support
5000 tunnels (ANG-3000s support 500 tunnels), each router may
become burdened with 5000 routes in its route table.Virtual subnets
can be quickly and easily scaled up to accommodate large number of
remote clients. You can modify the subnet mask for an existing
virtual subnet to provide additional addresses or create entire new
virtual subnets.