"Michael D. Schleif" wrote:
>
> We have a network of (64) public addresses connected to the Internet via
> DSL modem.
>
> This network consists of wintels and macs, and management of each is by
> different groups. Other than the Netopia DSL router, everything inside
> this network is 100% switched. Management insists that any user must be
> able to plug in anywhere on the network, regardless of platform -- so,
> we cannot divide platforms or systems by different switches. Two (2) of
> the wintels require remote (internet) PC Anywhere access. All of the
> macs require remote (internet) access via Timbuktu (tcp 407) and
> Retrospect remote backup (tcp/udp 497).
>
> The environment is growing and constantly in flux. Currently, there are
> a couple free IP addresses; but, keeping track of which are in use or
> free is nearly impossible! Clearly, that is what DHCP is for ;>
>
> We tried putting LRP-CD into this network, using eth1 for a MASQ'd,
> DHCP'd, private network and a public DMZ on eth2 for those that require
> remote access. Unfortunately, broadcasts from eth1 are broadcast to
> eth2 by the switches, and vice versa, all of which are seen as
> martians!?!?
>
> It appears to us that this martian overhead is excessive and probably
> not a good network design ;<
>
> Is there a way to port forward on a given port (e.g., 407 *OR* 497) to a
> _group_ of systems? That way, we could assign private addresses to
> everything, and never worry about running out of public addresses . . .
>
> What other designs/solutions ought we to consider?
>
> What do you think?

One thing we noticed in /etc/network.conf:

# One (or more) Internal network(s):
#
# INTERN_NET="192.168.1.0/24 192.168.2.0/24 192.168.4.0/24"

How does this work with *multiple* networks?

Could we use something like this on eth1?

INTERN_NET="192.168.1.0/24 pu.bl.ic.0/26"

Then, run DHCP on the private segment and statically assign addresses,
as required, to the public segment?

How would we set the value of MASQ_SWITCH ???

What else need we consider, to put two (2) or more networks on one (1)
interface?

What do you think?

--
Best Regards,
mds
mds resource
888.250.3987
"Dare to fix things before they break . . . "
"Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . . "
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user