When there is a good use-case I completely agree with you, and it is probably my fault for not remembering that his traffic probably needed to be kept more separate.
In many cases it is completely a non issue. In most of the cases I use this method it is all within a single internal organization so no risk at all. ------------------ Richard On Fri, Nov 19, 2010 at 10:14 AM, David Burgess <apt....@gmail.com> wrote: > On 2010-11-19 9:56 AM, "Richard Amerman" <fi...@7technw.com> wrote: > > I do this all the time and using a separate nic is simpler and easier to > > manage than an alias. Unless I am missing something, a vlan for this case > is > > overkill. > > I discussed this with the m0n0wall list back in '07 where cmb and others > essentially said that it's a bad idea to run 2 subnets on a physical > network, mostly for security reasons, I think. > > Given the option I would do the vlan thing, just for the added layer > separating the hostile users from my stuff. > > db >