[SOLVED] Silly question on firewall aliases

Started by mimitair, September 26, 2024, 09:20:08 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 26, 2024, 09:20:08 AM Last Edit: September 26, 2024, 10:52:52 AM by mimitair
Say I have a Home vlan on 192.168.10.x/24 and a Guest vlan on 192.168.20.x/24.
I then create an alias encompassing the private IP addresses defined by the RFC1918 (10.x.x.x, 172.x.x.x and 192.168.x.x/16).
I then want to block all traffic coming in the guest vlan interface that is going out to the Home network. Does the 192.168.x.x/16 network in the alias also encompass the 192.168.10.x/24 network? Or should I add an extra network in the alias of private IP addresses specifically stating 192.168.10.x/24?

Thank you in advance for your reply.

Kind regards
September 26, 2024, 09:50:46 AM #1
RFC1918 is the definition/standard that includes all Private addresses, so it will include all Private addresses and networks.

https://www.rfc-editor.org/rfc/rfc1918


Code Select
IP Address: 192.168.0.0
Network Address: 192.168.0.0
Usable Host IP Range: 192.168.0.1 - 192.168.255.254
Broadcast Address: 192.168.255.255
Total Number of Hosts: 65,536
Number of Usable Hosts: 65,534
Subnet Mask: 255.255.0.0
Wildcard Mask: 0.0.255.255
Binary Subnet Mask: 11111111.11111111.00000000.00000000
IP Class: B
CIDR Notation: /16
IP Type: Private

Regards,
S.
Networking is love. You may hate it, but in the end, you always come back to it.

OPNSense HW
APU2D2 - deceased
N5105 - i226-V | Patriot 2x8G 3200 DDR4 | L 790 512G - VM HA(SOON)
N100   - i226-V | Crucial 16G  4800 DDR5 | S 980 500G - PROD
September 26, 2024, 10:44:58 AM #2
September 26, 2024, 10:56:46 AM #3
That makes sense. Thank you! :)
Print
Go Up Pages1
User actions