I wanted to revive this thread because I had the need for this recently,
but since I was a remote location (and I'm no network guy) I didn't have
the confidence. There was also one nagging issue regarding dhcp for this
setup that I wasn't sure about.
So let me explain the problem scenario.
I had a little small office lan setup, with a linux box being a gateway to
a few PCs, and it also provides samba/mail/backup/dhcp services too.
DSL is becoming available there, and it turns out that the office next
door was interested in sharing the line (and the cost) which would make it
almost the same price as their current ISP costs. So they jumped at the
opportunity.
So, I simply plugged the neighbouring office's hub into the uplink port of
their hub, configured their PC's to use dhcp, and they were on the 'net
(although slower with a modem).
It was right abotu this point that I realized that all the PCs in the
existing offcie had wide open shares. I has already made sure the samba
shares were protected, but completely forgot about the client side.
So, I know the answer would be break up the 192.168.2.x network into 2
(or more) subnets, give them different netmasks and then each of their
networks would be private.
But where I thought it wouldn't work was the fact that I had them all
using dhcp. How would I be able to serve them Ips from two different
ranges? I think the amswer is to add another nic to the linux box, plug
the second network into it, and (somehow) setup two dhcpd servers to each
serve on of the interfaces.
Would this work? Is this the only way? I realize it can be done with
static IPs (at least on one side), but that would still leave room for a
malicious user to switch over to dhcp and see the other netwrok next door.
I guess the same applies to static Ip's on both sides if the user is savvy
enough, but I don't want to do that either.
Just a thought. It would be a long time before I'd be in the area to make
the change anyway.
thanks
charle
On Wed, 9 Feb 2000, Scott Howard wrote:
> Why break things up into smaller (restrict the) numbers of hosts?
> Sometimes you need to isolate computer groups for better network performance
> (have the computers that talk to each other the most off in a corner where
> they won't disturb anyone else), security (limit the damage that a vandal can
> cause), or because it makes troubleshooting easier (limit the number of
> variables).
>
> If nothing else, restricting the number of hosts (subnetting) is done for
> organizational or topological reasons, coupled with the fact that there
> are a limited number of IP#'s out there, and the numbers are assigned in
> blocks usually, which is why things are broken up in contigous, consecutive
> numbers.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
