great info simon. thanx brother.
----- Original Message ---- > From: Simon Hobson <[email protected]> > To: Shorewall Users <[email protected]> > Sent: Saturday, February 7, 2009 6:18:13 PM > Subject: Re: [Shorewall-users] Grouping zones > > Linux Advocate wrote: > > >the switch though must still be vlan capable or > >even basic taiwanese switches will do? > > Yes, the switch itself must be VLAN capable - so > that means your basic £20 jobs won't do. However, > you don't have to spend a fortune to get into the > lower end of capable switches. > > > For example, the Netgear FS726T > (http://netgear.com/Products/Switches/SmartSwitches/FS726T.aspx) > can probably be found for £150, and will give you > 24 10/100 ports and two 1G ports. Hook one of the > gig ports to your router, the other to your > server (if you have a separate server), setup > your VLANs, and you can have a different network > on each of the ports. > > As a practical example, if you splash out around > £300 on the PoE version > (http://netgear.com/Products/Switches/SmartSwitches/FS726TP.aspx) > then you get 12 powered ports. Many VoIP phones > support VLANs as well, so you can have up to 12 > desk phones on one subnet (all powered from the > switch), and a separate subnet on a separate VLAN > for your data traffic. If you don't want to be > able to plug your computer into the back of the > phone, then the phone doesn't need to support > VLANs*. > Another use would be to have PoE wireless access > points on a different network to your hardwired > kit - thus allowing your to have an open wireless > while keeping your network secure. > > With one switch though, you don't really need > VLANs (you can just use multiple network ports on > the router) - where it REALLY comes into play is > on larger installations. At work we have a site > (a 'science park' campus) that has an extensive > fibre network. All the switches are fully > managed, and the different subnets for customer > connections are managed from a single router and > distributed on their own VLANs - dozens of > networks, all segregated, but passed down one > cable. > > > * You have a choice for each port on the switch. > It can be 'untagged' and belong to a single VLAN > - that is just like a basic switch. Or it can be > 'tagged' and pass VLAN tagged packets - the > device at the other end is then responsible for > managing the VLANs it uses. So for a VLAN capable > VoIP phone, you can set the switch port to > tagged, and configure the phone to connect itself > to one VLAN and bridge it's PS port to another > VLAN. A PC plugged into the back of the phone > would then get connected to a different network > to the phone - while only using the one cable. > > -- > Simon Hobson > > Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed > author Gladys Hobson. Novels - poetry - short stories - ideal as > Christmas stocking fillers. Some available as e-books. > > ------------------------------------------------------------------------------ > Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) > software. With Adobe AIR, Ajax developers can use existing skills and code to > build responsive, highly engaging applications that combine the power of local > resources and data with the reach of the web. Download the Adobe AIR SDK and > Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
