LUGOD: Linux Users' Group of Davis
Page last updated:
2001 Dec 30 16:59

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] dsl ideas



On Sun, 3 Dec 2000, Ted Deppner wrote:

> 
> Cisco calls these things "VLANs", or Virtual LANs.  If you really have a
> switch capable of VLANs you have a $1000 switch... if it didn't cost that
> much you may not have VLANs, and therefore no real guarantee that your
> packets will route through your router box between the two VLANs.
> 

Yes, our router does vlans, it's also a 10/100 :)
I believe I said it was manageable.

and you're making the mistake of assuming that i paid for it :P

> > would simply connect to the other vlan on the switch (however many ports for
> > internal use) and the other machines would all be there.
> 
> Routers route... you don't want it to "bridge".  I'll assume you
> misspoke.

Right, I'm referring to the fact that traffic from the outside would be routed
to the internal network and vice-versa :) my mistake. Bridging would imply 2
separate media, iirc.

> It would work, and many people do it that way... however, if you want
> protection from that nasty DSL line and all the internet, you may consider
> putting the DSL into your router directly on its own NIC (with a
> crossover type cable), then your two lans (public server lan and private
> MASQuerade/NAT LAN) each on their own NIC for increased security.  This
> would be a total of three NICs in your router.
> 

This seems too cumbersome, imho. And i'd hate to have my whole network go down
just because my router died.

One of my ideas is to have a second router as a backup (our primary router
does http, ftp and some other stuff) just to do nat, and maybe have the
clients switch routers after some timeout. Just an idea :P

> Otherwise, using the method you outlined, each of your publicly
> available servers would need to have its own firewall type configuration,
> and you'd be more at risk.
> 

yes, i'm aware of the security issues, but since i don't know what to do with
those extra 4 ips yet, i'm just thinking up architectural ideas :)

-Gabriel

