I don't want to violate corporate policy. I do want to get my job done. It involves putting a cluster together for scientific computations. IT should be an enabler, correct?
I spoke with one of our linux guys and he deferred to the network folks. My linux guy said this (ip masquerade) used to be verboten. (Although, he said that many moons ago using a linux box with iptables was how they secured the network.) So, I have to wait for my network person... I know him pretty well, and we have talked about this earlier. I thought he indicated it would be ok. However, when one gets to specifics, things can and do change. I don't know how I am going to do this cluster on a public (company) network... That would be absurd. Anyone have any alternate ideas? My clusteree's (just made that up) do need periodic access to the net. This is to get software updates and "stuff". They also need to communicate at 1Gbit rates during computations. That would clog the public network. Bruce -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Scott Sent: Monday, March 17, 2008 12:10 PM To: Greater NH Linux User Group Subject: Re: Setting up separate network question On Mon, Mar 17, 2008 at 10:55 AM, Labitt, Bruce <[EMAIL PROTECTED]> wrote: > I just want to ask the list if I've got this right. What you describe sounds like it will work, for most definitions of "work". > Is this benign to the outside network? It depends on what you mean by "benign". I presume this is in a corporate IT scenario. Done properly, and without intent to abuse, it is unlikely to cause any technical problems. It may violate corporate security or administration practices, though. (And that's not just bureaucracy -- if I'm a corporate IT guy being held responsible for security, I will want to be able to make sure things are secure.) > Do some networks block this? It is generally easier to hide masquerading than it is to detect it, so most network operators don't try to block it using technical means (because they would get into an arms race they would probably lose). That said, if it violates corporate policy, it may get you in trouble, fired, or even in legal trouble. Definitely ask first. :) -- Ben _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
