We have a network of (64) public addresses connected to the Internet via
DSL modem.

This network consists of wintels and macs, and management of each is by
different groups.  Other than the Netopia DSL router, everything inside
this network is 100% switched.  Management insists that any user must be
able to plug in anywhere on the network, regardless of platform -- so,
we cannot divide platforms or systems by different switches.  Two (2) of
the wintels require remote (internet) PC Anywhere access.  All of the
macs require remote (internet) access via Timbuktu (tcp 407) and
Retrospect remote backup (tcp/udp 497).

The environment is growing and constantly in flux.  Currently, there are
a couple free IP addresses; but, keeping track of which are in use or
free is nearly impossible!  Clearly, that is what DHCP is for ;>

We tried putting LRP-CD into this network, using eth1 for a MASQ'd,
DHCP'd, private network and a public DMZ on eth2 for those that require
remote access.  Unfortunately, broadcasts from eth1 are broadcast to
eth2 by the switches, and vice versa, all of which are seen as
martians!?!?

It appears to us that this martian overhead is excessive and probably
not a good network design ;<

Is there a way to port forward on a given port (e.g., 407 *OR* 497) to a
_group_ of systems?  That way, we could assign private addresses to
everything, and never worry about running out of public addresses . . .

What other designs/solutions ought we to consider?

What do you think?

-- 

Best Regards,

mds
mds resource
888.250.3987

"Dare to fix things before they break . . . "

"Our capacity for understanding is inversely proportional to how much we
think we know.  The more I know, the more I know I don't know . . . "

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
