Paul Gear wrote:
>>> There's no need to run multiple instances of dhcpd for multiple
>>> VLANs. Just define them as separate subnets, give your DHCP server
>>> an interface in each subnet, and it will automatically allocate
>>> clients from the right range.
>>
>> Not when each VLAN is on the same subnet it won't. The whole point is
>> that I'm not in a position to partition our address block, so the
>> "firewall" I'm building has to be transparent - hence bridge or proxy
>> ARP.
>
> Sorry - I must have misread the beginning part of your post. That's not
> a firewall I would like to be building. :-\

Yeah, it's not the firewall I'd be building if I could design the network from scratch. However, even if I could redesign the network, that wouldn't help in the general case where there's only a very small IP allocation. One site we had, we could only get a /28 from the ISP, so 13 addresses usable for customers - and at one point we did have 13 users on the site. I don't see availability of IPv4 address blocks getting better in the future - "they're not making any more of it you know".

> The DHCP part of it could be just as tricky as the firewall part.

Indeed. But first I'm experimenting to see how the different topologies work in practice. Using proxy-ARP, on Friday I managed to get a device in one VLAN to successfully use a wrong (not allowed for it and allocated to a different VLAN) IP. I need to do a less "ad hoc" session and verify the sequence of events required.

Just for good measure, the first switch off the shelf (Linksys SRW248G4), which I could have kept and used permanently, has a sh*te GUI that only works with Internet Exploder, and the VLAN pages don't work as they trigger out of memory errors :(

Someone, somewhere in the world, would have felt a burning sensation in their ears on Friday!
