Subnet Setup for C4 equipment

Amr · June 6, 2019

Hello all, I’m running out of IP’s for having a higher number of IP devices, I therefore have to either go for /23 instead of /24 or use VLANs.

As the later is not straightforward, I decided to go the /23 route, issue is my Huawei GPON Internet Gateway router, does not support 255.255.254.0 so am a bit stuck, but went on and did the change on all devices, I kept my HC800 on xxx.xxx.1.xxx/ 255.255.254.0 and moved all C4 gear to xxx.xxx.0.xxx/ 255.255.254.0 with the gateway pointed to the Internet Gateway, is this a good practice?

My argument; all other C4 gear doesn’t need Internet to communicate, only the main controller, so?

Also all my Ubiquiti AP’s moved to xxx.xxx.0.xxx and works flawlessly!

Cyknight · June 7, 2019

3 hours ago, Amr said:

Huawei GPON Internet Gateway router

THAT is not good practice. ISP router shouldn't be handling your system at all.

C4 as such can certainly handle a/23 setup, so that certainly is an option.

Please invest a small amount into an appropriate router, then go ahead and expand the subnetmask.

If you want to stick with ubiquity, a USG will do fine.

Amr · June 7, 2019

1 hour ago, Cyknight said:

THAT is not good practice. ISP router shouldn't be handling your system at all.

What do you mean by Handling? I do have a USG that I didn’t use till now.

ekohn00 · June 7, 2019

13 hours ago, Amr said:

As the later is not straightforward, I decided to go the /23 route, issue is my Huawei GPON Internet Gateway router, does not support 255.255.254.0 so am a bit stuck, but went on and did the change on all devices, I kept my HC800 on xxx.xxx.1.xxx/ 255.255.254.0 and moved all C4 gear to xxx.xxx.0.xxx/ 255.255.254.0 with the gateway pointed to the Internet Gateway, is this a good practice?

No this is not good practice at all.

Your router/firewall should be set up with a public address and a private address. Public, obviously is the public address your provider gives you. Your gateway is your private side, almost always the .1 address for your block and on the interface to your router/FW.

Also amazed that you'd be running out of space with a /24, assuming this is for a home use. But if you really are, add an additional network on your FW/Router with a /24 and do some planning of how to separate device. (ie routers/switches, C4 devices on one network and PC/phones/games on another).

13 hours ago, Amr said:

Hello all, I’m running out of IP’s for having a higher number of IP devices, I therefore have to either go for /23 instead of /24 or use VLANs.

As a final note, there's no logic in creating a VLAN because you ran out of addresses....VLANs don't increase address space. This sounds more like you're not efficiently using your available space??

Amr · June 7, 2019

29 minutes ago, ekohn00 said:

No this is not good practice at all.

Also amazed that you'd be running out of space with a /24, assuming this is for a home use. But if you really are, add an additional network on your FW/Router with a /24 and do some planning of how to separate device. (ie routers/switches, C4 devices on one network and PC/phones/games on another).

As a final note, there's no logic in creating a VLAN because you ran out of addresses....VLANs don't increase address space. This sounds more like you're not efficiently using your available space??

Not sure you get VLAN’s concept! They do extend the IP range by creating another 255 address, but it requires setup on the routing side to allow communications between them. A separate network is what VLAN is all about, but not like you describe it.

Also what is amazing about having more than 255 IP devices, it is not normal I know but I do have a large house, large number of IP devices, and a big family. What is efficient use of space? My DHCP assign IP address efficiently. Am reducing the use of WiFi devices as much as I can, e.g. went Zigbee with LeakSmart instead of WiFi.

Anyways, I was hopping for a tip, I already running now with no issue at all, although not best practice but it works so far, am keeping things under monitoring to see if am missing anything.

dcovach · June 7, 2019

3 minutes ago, Amr said:

Not sure you get VLAN’s concept! They do extend the IP range by creating another 255 address, but it requires setup on the routing side to allow communications between them. A separate network is what VLAN is all about, but not like you describe it.

Also what is amazing about having more than 255 IP devices, it is not normal I know but I do have a large house and a large number of IP devices, what is efficient use of space? My DHCP assign IP address efficiently. Am reducing the use of WiFi devices as much as I can, e.g. went Zigbee with LeakSmart instead of WiFi.

Anyways, I was hopping for a tip, I already running now with no issue at all, although not best practice but it works so far, am keeping things under monitoring to see if am missing anything.

Didn't I see you post something recently asking about the recommended amount of times a controller should be rebooted within a certain duration? Can't remember exactly how you worded it but the fact that you're using an ISP modem/router combo could explain the need for frequent controller reboots.

I'm just commenting on what I vaguely remember.

ekohn00 · June 7, 2019

13 minutes ago, Amr said:

Not sure you get VLAN’s concept! They do extend the IP range by creating another 255 address, but it requires setup on the routing side to allow communications between them. A separate network is what VLAN is all about, but not like you describe it.

Actually the VLAN doesn't extend a range.....they lump and existing range into a virtual network. IPs are physical, vlans are logical.

15 minutes ago, Amr said:

Anyways, I was hopping for a tip, I already running now with no issue at all, although not best practice but it works so far, am keeping things under monitoring to see if am missing anything.

I think he most obvious tip is your gateway should never be a public address.

Amr · June 7, 2019

37 minutes ago, dcovach said:

Didn't I see you post something recently asking about the recommended amount of times a controller should be rebooted within a certain duration? Can't remember exactly how you worded it but the fact that you're using an ISP modem/router combo could explain the need for frequent controller reboots.

I'm just commenting on what I vaguely remember.

Yes, it’s the post just before this one , not related at all.

My dealer had created some custom programing that was not ideal at all, I related all the issues I had to bad programming, helped him and cleaned up most of the odd setup(s) by tipping on the best way to use the drivers, I remember one of the issues was Plex Full Driver has some weird virtual switches, used the correct connections setup and removed all that funcky “Don’t Remove” devices!

I have no hacking into my home am not aware off, also I don’t want to blame Huawei Gateway, I have Domotz and Fing and I will for sure use a USG I have but did not setup till now.

Amr · June 7, 2019

Thank you all for the tip, a USG is my way forward, will spend some time getting it ready before I do the cutover.

Cyknight · June 7, 2019

13 hours ago, Amr said:

What do you mean by Handling? I do have a USG that I didn’t use till now.

I simply mean your system shouldn't be running on the ISP (internet service provider) router. They have proven time and time again to just not be able to handle large amounts of devices, especially not large amount of connections (ie a single device can have multiple connections).

If you have an USG, use it!

Amr · June 7, 2019

4 hours ago, Cyknight said:

I simply mean your system shouldn't be running on the ISP (internet service provider) router. They have proven time and time again to just not be able to handle large amounts of devices, especially not large amount of connections (ie a single device can have multiple connections).

If you have an USG, use it!

I don't use ISP router except for Internet, everything else is running outside, e.g. DHCP, etc. Anyways Am running USG.

c4toys · June 7, 2019

1 hour ago, Amr said:

I don't use ISP router except for Internet, everything else is running outside, e.g. DHCP, etc. Anyways Am running USG.

You don't get it... don't use the isp router

Amr · June 8, 2019

21 minutes ago, c4toys said:

You don't get it... don't use the isp router

This is an FTTH router (GPON = Gigabit Passive Optical Networks) that I have to use, I cannot use any other router, Get it?

ekohn00 · June 8, 2019

2 hours ago, Amr said:

This is an FTTH router (GPON = Gigabit Passive Optical Networks) that I have to use, I cannot use any other router, Get it?

I don't think you get the specifics, or you're not being clear. You're given an FFTH, but what's an absolute is the ONT part, that's what changes the fiber to copper and clearly why you must use the device.. Those of us in the states that have FIOS have an ONT on/in our house, and the router is a separate box making it easy to remove.

You "should" be able to take these devices and set them up in a passive/bridge mode. this means there is NO ROUTING or higher layer functions, it just delivers a public address to your USG, but is subject to your providers policies (ie they may lock you out of the FTTH)

If you can't deliver a the public IP to your USG, you're screwed as your either going to have to define the IPs on the FTTH or configure the WAN side of the USG as DHCP. It'll get a NAT DHCP address from the modem. Then the USG can do DHCP for your internal network. The problem is double NAT.

Cyknight · June 8, 2019

11 minutes ago, ekohn00 said:

I don't think you get the specifics, or you're not being clear. You're given an FFTH, but what's an absolute is the ONT part, that's what changes the fiber to copper and clearly why you must use the device.. Those of us in the states that have FIOS have an ONT on/in our house, and the router is a separate box making it easy to remove.

You "should" be able to take these devices and set them up in a passive/bridge mode. this means there is NO ROUTING or higher layer functions, it just delivers a public address to your USG, but is subject to your providers policies (ie they may lock you out of the FTTH)

If you can't deliver a the public IP to your USG, you're screwed as your either going to have to define the IPs on the FTTH or configure the WAN side of the USG as DHCP. It'll get a NAT DHCP address from the modem. Then the USG can do DHCP for your internal network. The problem is double NAT.

Or IP passtrhough, also often found on FIOS and GPON systems. Even if you can't, in many cases it's still better to run double NAT, as most functions will work (not that I recommend it as such!!!!!) than to use the ISP router. Especially if you can set the 'system' router as DMZ on the provider's router, there's little that gets blocked by double NAT left. (once again, understand that this is a last option only)

2 hours ago, Amr said:

This is an FTTH router (GPON = Gigabit Passive Optical Networks) that I have to use, I cannot use any other router, Get it?

As per the above, what you don't get is that you CAN use another router. There's ALWAYS some sort of way to isolate the system from an service provider router. Which methods are available, work best and how to set it up will certainly differ per region.

Sign In

Subnet Setup for C4 equipment

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information