So splitting a Class C in half for use with a firewall is a
perfectly fine thing to do. RFC 950 was written TEN YEARS AGO,
when there was spare IP address-space to burn.
There appears to be a lot of confusion over PortMasters and netmasks,
but there's one simple rule that should make it easier to understand:
All our products support ONE netmask per network. We expect a network
to be sliced up the same way, which is another way of saying that we
don't do variable length subnet masks. We will do VLSM in the future
(its one of the Big Four Requests).
Revision B of the Configuration Guide for PortMaster Products (now over 300
pages but not out yet) will discuss netmasks and routing on PortMasters
in all the detail you can stand, and more.
-- Carl Rigney cdr@livingston.com"I always get the feeling that there's someone out there who *knows* what's going on. :) But before this job I was pretty much 'uh, what's a portmaster?' Now I can answer, 'it's a thingie'." -- the other Gretchen, 94/9/6