fyi! From: Tim Moody <t...@timmoody.com> Date: Thu, Jan 7, 2016 at 4:18 PM Subject: [UKids] Jerry's idea for segmenting xo users To: xsce-de...@googlegroups.com Cc: T Gillett <tgill...@gmail.com>, Unleash Kids! < unleashk...@googlegroups.com>
I've been thinking about Jerry's comment today that we would cut down on wifi traffic by isolating users on each WR841 router, particularly in the case where they don't register with the server. I noticed that they support vlans and wonder could we create vlan1 with lan ports 1 and 2 and vlan2 with ports 3 and 4 (the number on each is arbitrary) bridge vlan1 with wifi and vlan2 with wan nat the vlan1 bridge to the vlan2 bridge with dhcpd on the router, each in a separate subnet daisy chain all routers through the vlan2 bridge and even let xsce supply ip addresses to the wan side of each router add iptables rules that restrict the traffic to each router's subnet and 172.18.96.1. (the subnets don't have to be in the server's address space) so an xo can only reach the server or other xos on its router. -- Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org !
_______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
