Re: Can one keep networks apart on a machine?
On Mon, Dec 20, 1999 at 01:43:42PM -0600, Kent West wrote: [EMAIL PROTECTED] wrote: snip I kind of like the suggestion from a previous post that this ignorant net admin of yours be brought to task over his administrative decisions. Isn't his job ultimately to provide a network infrastructure that makes end-users more productive? Seems to me that his draconic nothing but NT stance runs counter to this. And this at an institute for higher learning and enlightened thinking... what a shame. Well, I _am_ the original instigator of the bias, as I inadvertently brought the system to its knees with a kernel upgrade. I can't (and don't try to) back out of that responsibility. We've got this unofficial consensus that we'd rather have our people breaking the network with Linux before the students do it from their dorm rooms. This way we can learn from the experiences and yet still have some control. Otherwise, when the students do it, we'll be caught with our pants down. It sounds like these network admins at the school in Bakersfield already have their pants tied around their necks cutting off oxygen to the brain anyway. I sent a long-winded reply direct to the professor himself, but I coudn't resist pointing out in a public forum that if memory serves me correctly, Bakersfield is a public-funded college. And they're pushing a commercial product via their unwillingness to allow the good Dr. to use his Linux system due to their poor network design and lack of troubleshooting skills for when it's broken. Politically this could put the school in some hot water if enough people were upset about it... Anyway, sorry about the rant. Just annoyed at these so-called professionals who boot various types of systems off their networks because they don't understand them. It's even more annoying when they work for an institution that claims to foster higher learning. Nate, [EMAIL PROTECTED]
Re: Can one keep networks apart on a machine?
I kind of like the suggestion from a previous post that this ignorant net admin of yours be brought to task over his administrative decisions. Isn't his job ultimately to provide a network infrastructure that makes end-users more productive? Seems to me that his draconic nothing but NT stance runs counter to this. And this at an institute for higher learning and enlightened thinking... what a shame. Well, I _am_ the original instigator of the bias, as I inadvertently brought the system to its knees with a kernel upgrade. I can't (and don't try to) back out of that responsibility. But I still feel that the problems they had tracking down Me as the culprit of the packet broadcasting issue indicates a flaw in their abilities/available tools to manage serious problems. There was no general communication about the problem with the general college community at all, and I can't help but feel that I could have quickly isolated the problem (at least) by sequentially chopping off various parts of the LAN from one another (were I in his shoes). (And Linux worked so WELL in the system, too. Damn.) You are right when you say that -they- should be able to manage such problems. You are only a user that did something wrong, they should have informed you about the problem and asked you to correct it. Nothing more, nothing less... I shudder to think what would happen if a serious hacker went into the system. (A local fellow was crackling at the sides as he told me about the state of their firewall. But they may have tidied it up a bit since then.) But I may be all wet about that (I know nothing about LAN management/setup/etc). If I was de sysadmin I would be worried that a simple problem as this would bring the LAN to its knees. I would try to fix the problem -and- do what you did all over again in a test setup to insure myself that the LAN can handle the problem... Anyway, IMHO a sysadmin that fixes problems like this is not capable to administer a LAN and should be replaced. Regards, Onno
Re: Can one keep networks apart on a machine?
At 09:27 AM 12/19/99 -0800, [EMAIL PROTECTED] wrote: I have a dilemma at work. They use Windoze (NT at the moment) and will not allow me to use Linux instead. Yet Linux is my choice both personally and professionally (given the tools my discipline has which run under the two environments, Linux is a born winner). I Am allowed to use it as long as it _cannot_access_ the LAN. So I wondered... Is it possible to network it to my office NT box without there being any crossover to the outside LAN? Perhaps this sounds silly, but rebooting is a Bear between systems (I have both on the one machine at this time). (Linux is considered a Maverick system by our newly hired administrator.) Let your boss ask him WHY he doesn't want another OS on the LAN. If he can't come up with a reasenable answer, fire him and get a new one. Regards, Onno
Re: Can one keep networks apart on a machine?
How about a second NIC in the Windows machine, with a cross-over cable to the NIC in the Linux machine? Or PPP over a serial cable? You might have some trouble convincing the Windows machine that you can establish a PPP connection without dialing a phone number; the two services seem pretty tightly bound in the Windows OS. Marc -- Marc Mongeon [EMAIL PROTECTED] Unix Specialist Ban-Koe Systems 9100 W Bloomington Fwy Bloomington, MN 55431-2200 (612)888-0123, x417 | FAX: (612)888-3344 -- It's such a fine line between clever and stupid. -- David St. Hubbins and Nigel Tufnel of Spinal Tap Onno [EMAIL PROTECTED] 12/20 6:42 AM At 09:27 AM 12/19/99 -0800, [EMAIL PROTECTED] wrote: I have a dilemma at work. They use Windoze (NT at the moment) and will not allow me to use Linux instead. Yet Linux is my choice both personally and professionally (given the tools my discipline has which run under the two environments, Linux is a born winner). I Am allowed to use it as long as it _cannot_access_ the LAN. So I wondered... Is it possible to network it to my office NT box without there being any crossover to the outside LAN? Perhaps this sounds silly, but rebooting is a Bear between systems (I have both on the one machine at this time). (Linux is considered a Maverick system by our newly hired administrator.) Let your boss ask him WHY he doesn't want another OS on the LAN. If he can't come up with a reasenable answer, fire him and get a new one. Regards, Onno -- Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] /dev/null
Re: Can one keep networks apart on a machine?
[EMAIL PROTECTED] wrote: In [EMAIL PROTECTED], on 12/19/99 at 11:56 AM, Dave Sherohman [EMAIL PROTECTED] said: Would it be acceptable to just set up the Linux box with a static route pointing at your NT box and no default route? This would prevent it from talking to any other machines even if it's physically using the same wire. They are concerned about broadcast packets (mentioned in another post). I'm not sure that this would work if the wire is shared. I was thinking of a direct connection between the two machines in the same office. I apologize for not being a network-aware person (strictly home-grown) so my understanding of some suggestions is limited. Suffice it to say that support at work is going to be VERY limited, too. Kenward I'm not a network person either, but here's a kludge if nothing else works. Do a parallelport-to-parallelport network between your Debian box and the Windows box. I don't know the particulars; it's just a hazy idea.
Re: Can one keep networks apart on a machine?
You shouldn't have any problem doing per-adapter setup under NT. The biggest issue I can think of is routing, since NT wants to do all of that automatically, but I think with appropriate choice of IP address and netmask, you can make it work OK. I kind of like the suggestion from a previous post that this ignorant net admin of yours be brought to task over his administrative decisions. Isn't his job ultimately to provide a network infrastructure that makes end-users more productive? Seems to me that his draconic nothing but NT stance runs counter to this. And this at an institute for higher learning and enlightened thinking... what a shame. Marc -- Marc Mongeon [EMAIL PROTECTED] Unix Specialist Ban-Koe Systems 9100 W Bloomington Fwy Bloomington, MN 55431-2200 (612)888-0123, x417 | FAX: (612)888-3344 -- It's such a fine line between clever and stupid. -- David St. Hubbins and Nigel Tufnel of Spinal Tap [EMAIL PROTECTED] 12/20 10:03 AM In [EMAIL PROTECTED], on 12/20/99 at 07:42 AM, Marc Mongeon [EMAIL PROTECTED] said: How about a second NIC in the Windows machine, with a cross-over cable to the NIC in the Linux machine? Or PPP over a serial cable? You might have some trouble convincing the Windows machine that you can establish a PPP connection without dialing a phone number; the two services seem pretty tightly bound in the Windows OS. That's basically what I was thinking about, but I didn't know if the two could be kept apart under NT. Even not being a network-type of person I know Linux will easily do that, but NT is a new environment for me. I have a feeling that I may end up jumping into an NT group for help on the details... yech. Thanks Marc! Kenward Kenward Vaughan .'^~;,_ Professor of Chemistry':,'~ Bakersfield College \;:/ 1801 Panorama Drive |,;| Bakersfield, CA 93305 / ', \ 661-395-4243/ o O \ [EMAIL PROTECTED] (work) (oOoOOoOo) [EMAIL PROTECTED] (home) ------ ???$$???
Re: Can one keep networks apart on a machine?
In [EMAIL PROTECTED], on 12/20/99 at 10:38 AM, Marc Mongeon [EMAIL PROTECTED] said: You shouldn't have any problem doing per-adapter setup under NT. The biggest issue I can think of is routing, since NT wants to do all of that automatically, but I think with appropriate choice of IP address and netmask, you can make it work OK. I'll bear that in mind. Thanks! I kind of like the suggestion from a previous post that this ignorant net admin of yours be brought to task over his administrative decisions. Isn't his job ultimately to provide a network infrastructure that makes end-users more productive? Seems to me that his draconic nothing but NT stance runs counter to this. And this at an institute for higher learning and enlightened thinking... what a shame. Well, I _am_ the original instigator of the bias, as I inadvertently brought the system to its knees with a kernel upgrade. I can't (and don't try to) back out of that responsibility. But I still feel that the problems they had tracking down Me as the culprit of the packet broadcasting issue indicates a flaw in their abilities/available tools to manage serious problems. There was no general communication about the problem with the general college community at all, and I can't help but feel that I could have quickly isolated the problem (at least) by sequentially chopping off various parts of the LAN from one another (were I in his shoes). (And Linux worked so WELL in the system, too. Damn.) I shudder to think what would happen if a serious hacker went into the system. (A local fellow was crackling at the sides as he told me about the state of their firewall. But they may have tidied it up a bit since then.) But I may be all wet about that (I know nothing about LAN management/setup/etc). Kenward Dr. Kenward Vaughan .'^~;,_ Professor of Chemistry':,'~ Bakersfield College \;:/ 1801 Panorama Drive |,;| Bakersfield, CA 93305 / ', \ 661-395-4243/ o O \ [EMAIL PROTECTED] (work) (oOoOOoOo) [EMAIL PROTECTED] (home) ------ ???$$???
Re: Can one keep networks apart on a machine?
[EMAIL PROTECTED] wrote: snip I kind of like the suggestion from a previous post that this ignorant net admin of yours be brought to task over his administrative decisions. Isn't his job ultimately to provide a network infrastructure that makes end-users more productive? Seems to me that his draconic nothing but NT stance runs counter to this. And this at an institute for higher learning and enlightened thinking... what a shame. Well, I _am_ the original instigator of the bias, as I inadvertently brought the system to its knees with a kernel upgrade. I can't (and don't try to) back out of that responsibility. We've got this unofficial consensus that we'd rather have our people breaking the network with Linux before the students do it from their dorm rooms. This way we can learn from the experiences and yet still have some control. Otherwise, when the students do it, we'll be caught with our pants down.
Re: Can one keep networks apart on a machine?
[EMAIL PROTECTED] said: I have a dilemma at work. They use Windoze (NT at the moment) and will not allow me to use Linux instead. Yet Linux is my choice both personally and professionally (given the tools my discipline has which run under the two environments, Linux is a born winner). I Am allowed to use it as long as it _cannot_access_ the LAN. So I wondered... Is it possible to network it to my office NT box without there being any crossover to the outside LAN? Perhaps this sounds silly, but rebooting is a Bear between systems (I have both on the one machine at this time). Would it be acceptable to just set up the Linux box with a static route pointing at your NT box and no default route? This would prevent it from talking to any other machines even if it's physically using the same wire. If it's on a different NIC, you should have full isolation. (Just so long as nobody tells the Linux box to use the NT box as a gateway and tells the NT box to route packets...) (Linux is considered a Maverick system by our newly hired administrator.) Well, yeah... How could a johnny-come-lately OS family like *nix possibly be as mature or robust as the long-established Windows family? -- Geek Code 3.1: GCS d- s+: a- C++ UL++$ P L++ E- W--(++) N+ o+ !K w---$ O M- !V PS+ PE Y+ PGP t 5++ X+ R++ tv- b++ DI D G e* h+ r++ y+
Re: Can one keep networks apart on a machine?
In [EMAIL PROTECTED], on 12/19/99 at 01:42 PM, Marcin Kurc [EMAIL PROTECTED] said: [...] But let's get to the point. I understand that you have Windows box and Linux box, you could install wingate on Windows box and put another network card in it. This way you could have local ip on your linux box (192.168.1.2) and being routed through windows box (192.168.1.1) to the real IP. OK, but I need to remain OFF of the outside network. (The reason for the issue stems from my upgrading to 2.2.12 once, and not seeing the IP bug that nearly blew away the rest of the system (broadcast packets... I'm on a token-ring system, but other parts are ethernet. I know understand the difference between the two. :). That debacle has cost me Linux access and a rancid note in my personnel file. Don't ask why it took nearly 2 weeks to realize the source of the problem.) Would what you are suggesting allow me to keep the two Apart--meaning no way for Linux to see the outsdie world? I am looking for a way to get the Win machine to act as a kind of junction between the two worlds, with the potential of using the Win box as my local source for Internet material (including .deb updates...). Can the two interfaces be made blind of one another? Or does this seem too kludgy? Kenward Kenward Vaughan .'^~;,_ Professor of Chemistry':,'~ Bakersfield College \;:/ 1801 Panorama Drive |,;| Bakersfield, CA 93305 / ', \ 661-395-4243/ o O \ [EMAIL PROTECTED] (work) (oOoOOoOo) [EMAIL PROTECTED] (home) ------ ???$$???
Re: Can one keep networks apart on a machine?
In [EMAIL PROTECTED], on 12/19/99 at 11:56 AM, Dave Sherohman [EMAIL PROTECTED] said: Would it be acceptable to just set up the Linux box with a static route pointing at your NT box and no default route? This would prevent it from talking to any other machines even if it's physically using the same wire. They are concerned about broadcast packets (mentioned in another post). I'm not sure that this would work if the wire is shared. I was thinking of a direct connection between the two machines in the same office. I apologize for not being a network-aware person (strictly home-grown) so my understanding of some suggestions is limited. Suffice it to say that support at work is going to be VERY limited, too. Kenward Kenward Vaughan .'^~;,_ Professor of Chemistry':,'~ Bakersfield College \;:/ 1801 Panorama Drive |,;| Bakersfield, CA 93305 / ', \ 661-395-4243/ o O \ [EMAIL PROTECTED] (work) (oOoOOoOo) [EMAIL PROTECTED] (home) ------ ???$$???
