You gain the ability to split a /24 into variable-length subnets in milliseconds, diagnose a cross-subnet latency spike by reading kernel buffers, and automate the provisioning of 50 VLANs before your coffee gets cold.
Create a new VLAN, assign IPs, reboot. (Slow) The Terminal way (Better): subnetwork craft terminal better
In the modern era of cloud computing, IoT sprawl, and zero-trust security, the humble subnetwork (subnet) has re-emerged as the battlefield for network dominance. While graphical user interfaces (GUIs) and SD-WAN controllers offer convenience, they often abstract away the raw power of manual control. To truly make a subnetwork craft terminal better , you must abandon the mouse and embrace the command line interface (CLI). You gain the ability to split a /24
The terminal is faster, more reliable, and infinitely more transparent. So, open your SSH client, drop into a root shell, and start typing. Your network will thank you. So, open your SSH client, drop into a
# Create a custom routing table for Subnet 10.10.10.0/24 echo "100 vpn-subnet" >> /etc/iproute2/rt_tables # Add default route via VPN interface ip route add default via 10.200.0.1 dev tun0 table vpn-subnet # Mark packets from the subnet iptables -t mangle -A PREROUTING -s 10.10.10.0/24 -j MARK --set-mark 1 # Route marked packets ip rule add fwmark 1 table vpn-subnet This level of granularity is impossible in consumer routers. You have a temporary subnet (a Docker network or WireGuard interface) that appears and disappears. You need your physical subnet to route to it.
# On Router A ip addr add 192.168.1.254/31 dev eth0.10 ip link set eth0.10 up # On Router B ip addr add 192.168.1.255/31 dev eth0.10 ip link set eth0.10 up Note: /31 subnets (RFC 3021) eliminate broadcast addresses for P2P links, saving 50% of IP space. Sometimes you need a subnet to egress via a VPN tunnel, while your main subnet uses the WAN.
# Give subnet 192.168.100.0/24 guaranteed 100mbit on a 1gbit link tc qdisc add dev eth0 root handle 1: htb default 30 tc class add dev eth0 parent 1: classid 1:1 htb rate 100mbit tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32 \ match ip dst 192.168.100.0/24 flowid 1:1 For large subnets (/16 or /12), the default ARP cache time (300 seconds) is too long.