Hello
I recently stepped up to a new position as a security network engineer and I am migrating a legacy, undocumented firewall. There are too many routes and a bunch of interfaces which need some supernetting.
What I have done so far is that I sorted the routes into Excel and used contingence table formatting to get a slightly nicer view.
On the screenshot in the link you can see an example of it, so it goes:
interface name (vlan xyz) next hop route1 route2 etc
Link to screen: http://prntscr.com/ijmt0k
Moving on:
I can summarize the
7.32.58.142/32 7.32.58.143/32 7.32.58.144/32 7.32.58.145/32 7.32.58.175/32 7.32.58.180/32
into
7.32.58.128/26. I will be doing this by pasting the groups of routes into an online summary calculator, which gives me a subnet. However, this subnet is far bigger than the routes I am trying to replace. The second step here is to make sure that, as I go further by doing this, I might summarize for example another group of IPs pointing to another interface, which for example will include 7.32.58.176/32 in the group, and if that summary route were a /25 (in contrast to /26), then I would effectively be sending our 7.32.58.176/32 traffic via the previous summary route I made, 7.32.58.128/26, to a totally different interface than it was intended to flow to, and it will eventually be dropped.
Hope you can understand my situation and that I didn't confuse you.
There are too many routes to work with and checking cases like this by eye is inhuman :(.
Can you suggest any free tools or methods to approach such a problem in an efficient, error-free way? I am desperate, honestly.
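One way to automate the check described in the post, as an added example that is not part of the original post: replay every original route through a longest-prefix-match lookup of the proposed table and report any address whose interface changed. The interface names `vlan10`/`vlan20` and the route 7.32.58.200/32 are hypothetical; the function names are this example's own.

```python
import ipaddress

# Constructed sample: the six /32s and 7.32.58.176/32 come from the post;
# interface names "vlan10"/"vlan20" and 7.32.58.200/32 are hypothetical.
OLD = [(p, "vlan10") for p in (
    "7.32.58.142/32", "7.32.58.143/32", "7.32.58.144/32",
    "7.32.58.145/32", "7.32.58.175/32", "7.32.58.180/32")]
OLD += [("7.32.58.176/32", "vlan20"), ("7.32.58.200/32", "vlan20")]

# Proposed table from the post's scenario: a /26 for one group, a /25 for the other.
NEW_BAD = [("7.32.58.128/26", "vlan10"), ("7.32.58.128/25", "vlan20")]
# Same summaries, but the conflicting host route is kept as a more specific entry.
NEW_GOOD = NEW_BAD + [("7.32.58.176/32", "vlan20")]

def parse(table):
    """Turn (prefix string, interface) pairs into (ip_network, interface) pairs."""
    return [(ipaddress.ip_network(p), iface) for p, iface in table]

def lookup(table, addr):
    """Longest-prefix match: interface of the most specific route covering addr."""
    best = None
    for net, iface in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def find_regressions(old, new):
    """Return (address, old interface, new interface) where forwarding changed.

    Checks the first and last address of each old route, which is exact for
    host (/32) routes like the ones in the post.
    """
    old_t, new_t = parse(old), parse(new)
    bad = []
    for net, iface in old_t:
        for addr in sorted({net[0], net[-1]}):
            got = lookup(new_t, addr)
            if got != iface:
                bad.append((str(addr), iface, got))
    return bad

def exact_summary(prefixes):
    """Aggregate prefixes without covering any address that was not routed before."""
    nets = (ipaddress.ip_network(p) for p in prefixes)
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    print("bad table :", find_regressions(OLD, NEW_BAD))
    print("good table:", find_regressions(OLD, NEW_GOOD))
    print("exact     :", exact_summary(p for p, i in OLD if i == "vlan10"))
```

`exact_summary` only merges prefixes that are truly adjacent, so unlike a covering supernet it never routes addresses that had no route before, at the cost of less compression.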