>Instead, (for the truly paranoid, I guess) here's another network.
>This one uses another router to NAT and isolate the entire WiFi
>network behind a single IP from the outer network. (SOHO Router/NAT
>boxes are cheap.)
>
>
> New Old
> Router Router
>{internet}--[W L]-(10.10.10/24)-+-[W L]-(192.168.1/24)---->Internal LAN
> |
> |
> +-[W L]-(10.1.1/24)-+---[WiFi AP#1]
> New |
> Router +---[WiFi AP#2]
> #2 |
> etc.
Okay, SOHO routers are cheap. I need to make sure that New Router #2 is
resistant to ARP floods. Have you seen SOHO class routers that are so
resistant? I can't justify buying big iron for this project.
>Regardless of the network configuration, if the machines in your
>Internal LAN are going to connect to the WiFi via their wireless
>network interfaces while being on the wired LAN via the ethernet
>interfaces ... why bother with all of this?
Are you saying that using WiFi would compromise this one computer or that
doing so would allow the dual-connected computer to bridge the two
networks in an unprotected manner?
*************************************************************************
** List info, subscription management, list rules, archives, privacy **
** policy, calmness, a member map, and more at http://www.cguys.org/ **
*************************************************************************
