l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2001 Dec 30 16:59

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] dsl ideas
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] dsl ideas

On Sun, 3 Dec 2000, Ted Deppner wrote:

> Cisco calls these things "VLANs", or Virtual LANs.  If you really have a
> switch capable of VLANs you have a $1000 switch... if it didn't cost that
> much you may not have VLANs, and therefore no real guarantee that your
> packets will route through your router box between the two VLANs.

Yes, our router does vlans, it's also a 10/100 :)
I believe I said it was manageable.

and you're making the mistake of assuming that i paid for it :P

> > would simply connect to the other vlan on the switch (however many ports for
> > internal use) and the other machines would all be there.
> Routers route... you don't want it to "bridge".  I'll assuming you
> misspoke.

Right, I'm refering to the fact that traffic from the outside would be routed
to the internal network and vice-versa :) my mistake. Bridging would imply 2
separate media, iirc.

> It would work, and many people do it that way... however, if you want
> protection from that nasty DSL line and all the internet, you may consider
> putting the DSL into your router directly on it's own NIC (with a
> crossover type cable), then your two lans (public server lan and private
> MASQuerade/NAT LAN) each on their own NIC for increased security.  This
> would be a total of three NICs in your router.

This seems too cumbersome, imho. And i'd hate to have my whole network go down
just because my router died.

One of my ideas is to have a second router as a backup (our primary router
does http, ftp and some other stuff) just to do nat, and maybe have the
clients switch routers after some timeout. Just an idea :P

> Otherwise, using the method you outlined, each of your publically
> available servers would need to have it's own firewall type configuration,
> and you'd be more at risk.

yes, i'm aware of the security issues, but since i don't know what to do with
those extra 4 ips yet, i'm just thinking up architectural ideas :)


LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.