Re: Welcome to MUMSnet
I bet your large site had just 1 subnet.
It did, but actually not that many devices. It was more a case of our use case didn't fit too well with their prescribed block assignments - and it left a dynamic range that was a bit too small to allow for both reasonable length leases (for stability) and a moderate amount of churn.
Prior to joining this big WAN with the prescribed usage of IPs, I did use just a /24 for this network from the 192.168.0.0/16 allocation. It wasn't the number of devices, it was the restrictions imposed that made me choose a /23.
So perhaps they’d had a standard that no subnet should be more than /24 and all routers would be from .1 to 9, and you suddenly broke that.
Actually, it was more a case of the supposedly professional people doing the networking hadn't actually even thought about that. It was clear that they had never worked with anything but a /24.
Why didn’t you just do 2 x /24s, private IPs are free!!
And then you have the problem of routing those addresses together - and breaking the stuff that relies on broadcast or multicast.
It’s good engineering to not use big subnets; modern switches can temper broadcasts, but in older times having large broadcast domains would slow all your systems in that broadcast domain, as everything would need to listen to the broadcasts.
True. But as you don't know what was on our network, you aren't qualified to say whether your suggestion would be better or worse than what we did have. It did work just fine, and broadcast traffic was not a problem. Bear in mind that a significant proportion of traffic was keystrokes sent via Telnet and the corresponding screen updates - that should date it a bit for you, as should the fact that it was a mix of 100 and 10M, using hubs, and only (IIRC) one switch to give some traffic segregation between hubs (I tried to keep "groups of users", especially the art/design dept with their megabyte sized files, together on one hub). That was not far behind state of the art at one time you know ;-) As it was, it was a very major step up for us from the 230kbps Apple LocalTalk for the Macs, and no network at all for the PCs.
Also, let's just say that budget was "not large" :-(
Many firewalls (Check Point, ASA, etc.) for decades have allowed ranges to be used in rules as well as subnets.
And many have not. And also there's the issue of diagnostics and stuff like that.
Classic example of someone who knows a little & thinks they know best but truly has no clue.
That's a rather wild accusation to throw at someone when the only evidence you have is that you think you have a better grasp on how the network should have been designed than the person who was actually there with access to the information needed in order to make those decisions.