RE: [leaf-user] Network Configuration Ideas

[James Neave]

Hurray!

Er, what was the question again?

Kidding.

Right

Instead of the two points of failure solution, is it possible to:

1) Have the Cisco router as the default route for subnet1 
2) Have the following routing table on the Cisco:

Arbitrary numbers:
subnet1 = 10.1.0.0/16
subnet2 = 10.2.0.0/16
subnet3 = 10.3.0.0/16
subnet4 = 10.4.0.0/16
Cisco1 = 10.1.0.1
LEAF box = 10.1.0.2

Source      Dest        Gateway
10.1.0.0/16 10.2.0.0/16 10.2.0.1
10.1.0.0/16 10.3.0.0/16 10.3.0.1
10.1.0.0/16 10.4.0.0/16 10.4.0.1
10.1.0.0/16 default     10.1.0.2

Which is a backwards two points of failure solution. But the two points
of failure, the Cisco and the LEAF box, are between subnet1 and the
internet, not subnet1 and subnetN. And the internet is less important
than the inter-site connectivity.

Bearing mind I don't know anything about these Cisco things. They run on
voodoo as far as I know.

OR

Throw away the Cisco and just use LEAF! :D

Regards,

James.

-----Original Message-----
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 15:32
To: James Neave; leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas

Right on!  

Thanks for taking time to understand this

- Bob

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 10:10 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Er,

Wait, is this what you mean?

If there were two routers in subnet1, one to the internet (LEAF) and one
to
the other subnets (Cisco), then two routes would have to be added to the
client machines and you don't want that (sounds nasty)?

Whereas if you made the LEAF box route the traffic from subnet1 to
subnet2
via the Cisco you would have 2 points of failure for traffic between the
LEAF box and the Cisco. But this would give you one default route on the
client boxes which is really what Windows likes.

Now do I get you?

Regards,

James.

-----Original Message-----
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 14:50
To: leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas

Route 1:  Via Leaf (or currently a Routefinder acting as a proxy)
10.0.0.250
-> Internet
Route 2:  Via Cisco to the remote subnets - 10.0.0.1 -> Remote subnets

>When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as
well
as performing the routing and/or tunnelling between your subnets?

Exactly.  As much as I know that Leaf is completely capable of
performing
this function, it just introduces another failure point to their network
that I don't want.

Thanks -

Bob Coffman

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 9:06 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Hi,

When you say two routes, do you mean:

1: NATed behind the LEAF box.
2: Through a Citrix session.

When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as
well
as performing the routing and/or tunnelling between your subnets?

Regards,

James.

-----Original Message-----
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 13:57
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] Network Configuration Ideas

Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per
se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each
subnet
at a different physical location.  Location 1 has the internet
connection,
and the "core server" (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no
proxy.
The problem is, is that this would give anyone in Location 1 two routes
off
their network.  The connections to the remote subnets are via T1 and
they
all connect to location 1 via a Cisco router which has no free
connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet. Would like goals:  Avoid having Leaf as failure point
between subnet 1 and the remote subnets.  Avoid purchasing a new Cisco
router.

Unfortunately, it seems that my best option would be to put another
adapter
in the Leaf router, and renumber subnet 1, so that everything converges
at
leaf on the old subnet 1 address.  However, since I'm using old
commodity
hardware for that task, and internet connectivity is less important to
the
business than the connectivity between the locations, I would love to
keep
this from becoming a point of failure.

Any ideas on what to do here?  Or have I exhausted my options and I need
to
violate one of my "would like" goals?  I don't know Cisco, but I suspect
if
I did I could make short work of this problem.

- Bob Coffman


The information in this email is confidential and may be legally
privileged.
It is intended solely for the addressee.  Access to this email by anyone
else is unauthorised.

If you are not the intended recipient, any disclosure, copying,
distribution
or any action taken or omitted to be taken in reliance on it is
prohibited
and may be unlawful.


The information in this email is confidential and may be legally privileged.  
It is intended solely for the addressee.  Access to this email by anyone else 
is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution or 
any action taken or omitted to be taken in reliance on it is prohibited and may 
be unlawful.

The contents of an attachment to this email may contain software viruses that 
could damage your own computer systems.  Whilst The Spur Group of Companies has 
taken every precaution to minimise the risk, we cannot accept liability for any 
damage that you sustain as a result of software viruses.



-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/