Home / server / Questions / 791173
In Process
AndreasT
Asked: 2016-07-22 05:30:02 +0800 CST

Network Router interfaces "inside" and "outside" on the same switch and the same network

  • 772

Is it necessary for a router, that inside and outside are on a different (sub-)net?

As an example: We have the following setup in the field:

  • Network: 10.10.1.0/28
  • R1: Router with R1.outside access to internet
    • R1.inside: 10.10.1.1:
  • R2: Router creatig VPN Tunnel to system on the internet
    • R2.outside: 10.10.1.2 with 10.10.1.1 as default gw
    • R2.inside: 10.10.1.3
  • C: Ethernet capable controller
    • 10.10.1.4 with 10.10.1.4 (R2.inside) as default gw
  • All those interfaces are plugged into one switch (except R1.outside, which usually is a GPRS connection)
                     ^
                     |
                     |
           +---------+-------+
           |      Outside    |
           |                 |
           |    R1           |
           |                 |
           |      Inside     |
           +-------+---------+
                   |
                   |
                   |
                   |
  +-------------------------------------------+
  |                |                          |
  |  Switch   +    +      +           +       |
  |           |           |           |       |
  +-------------------------------------------+
              |           |           |
              |           |           |
              |           |           |
    +---------+--------+  |   +-------+-------+
    |      Outside     |  |   |               |
    |                  |  |   |               |
    |  R2              |  |   |      C1       |
    |                  |  |   |               |
    |      Inside      |  |   |               |
    +---------+--------+  |   +---------------+
              |           |
              +-----------+

The question in more detail:

  • by definition: Is there anything in the definition of a "router" that would disallow that setup? (Could not find anything in rfc1812 but I may have overlooked it)
  • in practice: Is there any practical reason, common implementation details etc, that would make this setup wrong or seriously discouraged?

(Edit: To clarify: The topology is a given. It may be ugly. It may have implications. The question is: Is it wrong?)

routing switch subnet

1 Answers

  1. A Cisco router will not let you have interfaces with overlapping IP address ranges (unless you start looking into VRF's).

    R1(config)#int fa0/0
R1(config-if)#ip address 10.10.1.2 255.255.255.240
R1(config-if)#int fa0/1
R1(config-if)#ip address 10.10.1.3 255.255.255.240
% 10.10.1.0 overlaps with FastEthernet0/0

    To be honest, the topology that you propose really doesn't make much sense to me. R2 doesn't seem to be serving any other purpose that as the default gateway for C1, however because everything is already in the same subnet, R1 can just be used as C1's default gateway.

    Even from a purely theoretical standpoint, if R1 was the default gateway for C1, it will most likely just issue an ICMP redirect telling C1 to use R1 as its next hop so R2 would not be being used anyway.

    Router interfaces should be used to route traffic between networks, not switch packets within the same subnet.

    • 2