
All times are UTC - 8 hours




 Post subject:
PostPosted: Sat May 23, 2009 11:19 pm 
Offline

Joined: Tue Feb 13, 2007 7:28 pm
Posts: 1406
Location: USA
Monkeh16 wrote:
I'd really like to see a working setup as you've just described. One which doesn't take hours of fiddling to make two DHCP servers (WAN and LAN) co-exist on the same dumb switch.

Meanwhile, I'll go back to using two NICs..

Two DHCP servers are not coexisting on the switch. The switch must have a hard IP address. A local IP address, mind you. The external IP address provided by your ISP is not assigned to the switch, it is assigned to the router. The router is the gateway device on your network, not the switch. It doesn't matter that the WAN is connected to the switch and not the router directly, because the switch is just a bridge. It just passes the packets along, it doesn't make any decisions about where they should go. All decisions are made by the router using static routing tables.


 Post subject:
PostPosted: Sat May 23, 2009 11:53 pm 
Offline

Joined: Tue Feb 13, 2007 7:28 pm
Posts: 1406
Location: USA
ghatothkach wrote:
jessekopelman:
Can you please post links to some of the switches which can do what you are saying you can do.

Well, let me make one correction to what I said in one of the posts: You aren't going to be able to assign an IP address based on switch port. I got too caught up in what I was trying to describe and didn't pay enough attention to what I was actually writing. Other than doing that, I was just talking about using a switch as an Ethernet bridge and any switch can do that.

ghatothkach wrote:
I need to run 3 networks on the 3 different ports I am looking at
eg port 1=> 10.10.10.0/24
port2 => 192.168.10.0/24
port3=> DHCP client on ISP network

I don't see how I can do this using a single port ethernet on a linux computer and a consumer network switch...

I don't see the problem. The switch is just a bridge, it just passes stuff along. The ISP network is connected to the switch, but all packets are just passed to your router. The router requests an IP from the ISP's DHCP server and it is passed through the switch back to the router. A device on your LAN requests 10.10.10.0/24 and it is passed through the switch to your router. Same with a request for 192.168.10.0/24. Now you may not be able to isolate your networks by Ethernet port, since you won't actually know what switch port a device is connected to, but you will be able to use MAC addresses to control what IP address a device is assigned and you will be able to control what networks a given IP address can communicate with via routing.

ghatothkach wrote:
Next I will have to configure shorewall (www.shorewall.net) if you read through some of the documentation, I need to configure 3 interfaces with the software and setup the configuration. I am unable to understand how I will see the 3 or 4 interfaces on the consumer switch visible on the linux computer... which has only one interface...

Well, I am talking about routing by IP address not physical interface. If you absolutely have to do control by physical interface, then my solution will not work. That said, the routing solution I propose seems to be fully supported by Shorewall -- look at this. I believe the same can be said for pretty much every popular firewall package.


 Post subject:
PostPosted: Sun May 24, 2009 7:00 am 
Offline

Joined: Sun May 04, 2008 2:57 pm
Posts: 507
Location: England
jessekopelman wrote:
The switch is just a bridge, it just passes stuff along. The ISP network is connected to the switch, but all packets are just passed to your router.


Yes, it passes the DHCP requests from your clients along to the modem. This is.. not wanted behaviour.


 Post subject:
PostPosted: Wed May 27, 2009 12:19 am 
Offline

Joined: Thu Apr 30, 2009 1:10 am
Posts: 4
Location: uk
ghatothkach wrote:
dimach wrote:
If you like OpenWRT, Ubiquiti routerstation pro is just for you!

Thanks for the link... I will look into it.. the price is right so is the CPU speed, not yet sure if I can install a HDD on to the board... but I guess will work through the USB... Also I will have to host my www server elsewhere as this is a perfect router board, but may not be powerful enough for a webserver, but definitely better than the NSLU2

Ghat


You can get minipci ide or SATA cards. I've need for PCI slots, so can't use it unfortunately.


 Post subject:
PostPosted: Sat May 30, 2009 12:59 pm 
Offline

Joined: Tue Feb 13, 2007 7:28 pm
Posts: 1406
Location: USA
Monkeh16 wrote:
jessekopelman wrote:
The switch is just a bridge, it just passes stuff along. The ISP network is connected to the switch, but all packets are just passed to your router.


Yes, it passes the DHCP requests from your clients along to the modem. This is.. not wanted behaviour.

You are correct. I wasn't thinking this through properly. Single port router really only works for all-static IP configuration. DHCP is probably too useful to live without, so that consigns my idea to niche implementations. Oh well . . . I guess if you want to build your own router you just got to pony up for a board with two Ethernet ports. Thanks for setting me straight.


 Post subject: Re: linux home gateway/firewall/webserver recomendation
PostPosted: Sun Aug 30, 2009 8:17 pm 
Offline

Joined: Wed Aug 26, 2009 1:09 pm
Posts: 40
Location: Fairfax, VA
ghatothkach wrote:
I was looking for a mini-itx or smaller system which has at least 3 gBe ports (overall) and a mini-PCI-E slot, where I can attach an Atheros-802.11n card later...


The MSI Fuzzy 945GME2 looks like it might be another option for you.

No mini-PCIe; but it does manage to cram in a PCI slot, a PCIe x16 slot, and a PCIe x1 slot.


 Post subject:
PostPosted: Sat Nov 14, 2009 2:27 am 
Offline

Joined: Thu Nov 12, 2009 3:16 am
Posts: 1
Location: CHANDANNAGORE
Can you run Windows firewall alongside McAfee firewall or is it detrimental to the operation of the system? I am running the Windows XP firewall, alongside my McAfee firewall and associated products. By running 2 firewalls alongside each other, is it to the detriment of the system?


Last edited by pacella on Fri Nov 20, 2009 11:36 pm, edited 1 time in total.

 Post subject:
PostPosted: Fri Nov 20, 2009 8:59 am 
Offline

Joined: Sat Sep 01, 2007 4:18 am
Posts: 42
Location: earth
This is quite the thread! Allow me to weigh in on a few things...

@jessekopelman/Monkeh16
Managed switches, especially 100mbit, are very easy to come by. I'm in the business so I get some (HP 2424M) from contacts I know, but some I pick up as the local college/businesses upgrade their network and hand off the old switches to surplus outlets (HP 4000M + modules, BayStack 350T, and a couple Cisco 10mbit). Sure, they don't have anywhere near the protocol support that a modern, more expensive switch has (even my Powerconnect 5324 puts it to shame), but they usually have the things you need to run a decent home network (link aggregation, spanning tree, and of course, VLAN support).

@zprst
I am surprised you don't like the Via. I don't have that particular model, but I own two EPIA boards (one is a C3, the other is a C7) and they have worked almost flawlessly. There was an issue with VLAN tagging on the C7 machine being sent in the wrong endian (VT6122 controller), but a quick PR to the FreeBSD team got that fixed right away. It runs with 9K jumbo frames, hardware VLAN tagging, polling, etc., with no issues. The SN10000EG does use a different controller (VT6130), and I don't run Linux, so I can't comment on that particular situation, but these boards have been amazing for me, particularly for their hardware crypto.

_________________
Asus Maximus V Gene | Intel Core i7-3770 | 2x 4GB G.SKILL 1600MHz DDR3 (waiting for 2.8GHz to appear) | EVGA GeForce GTX 670 2GB | Samsung Spinpoint M8 1TB 5400RPM | SanDisk Extreme 120GB SATA-III SSD | Seasonic X-560 | Antec DF-35
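
Added illustration (not from any poster in this thread) of the point Monkeh16 and jessekopelman settle above and of the VLAN support mentioned in this post: on an unmanaged switch a LAN client's DHCP broadcast reaches the ISP modem as well as the single-NIC router, while per-port VLANs with a tagged router port keep the two DHCP servers apart. The port names, VLAN ids 10/20 and the topology are assumptions made for the model.

```python
# Constructed model, not from the thread: port names and VLAN ids are illustrative.
from dataclasses import dataclass

@dataclass(frozen=True)
class Port:
    name: str
    vlans: frozenset                     # VLANs the port belongs to
    dhcp_on: frozenset = frozenset()     # VLANs where the attached host answers DHCP

class Switch:
    def __init__(self, ports):
        self.ports = list(ports)

    def flood(self, ingress, vlan):
        """Ports that receive a broadcast frame entering on `ingress` in `vlan`."""
        return [p.name for p in self.ports
                if p.name != ingress and vlan in p.vlans]

    def dhcp_offers(self, ingress, vlan):
        """Attached DHCP servers that see, and so answer, a DHCPDISCOVER."""
        reached = set(self.flood(ingress, vlan))
        return [p.name for p in self.ports
                if p.name in reached and vlan in p.dhcp_on]

def unmanaged_switch():
    # A dumb switch is one broadcast domain: model every port as VLAN 1.
    one = frozenset({1})
    return Switch([Port("modem", one, dhcp_on=one),     # ISP DHCP server
                   Port("router", one, dhcp_on=one),    # LAN DHCP server, single NIC
                   Port("pc", one)])

def vlan_switch():
    # Managed switch: modem and PC on untagged access ports, router on a tagged trunk.
    wan, lan = 10, 20
    return Switch([Port("modem", frozenset({wan}), dhcp_on=frozenset({wan})),
                   Port("router", frozenset({wan, lan}), dhcp_on=frozenset({lan})),
                   Port("pc", frozenset({lan}))])

if __name__ == "__main__":
    print("dumb switch, PC discover:", unmanaged_switch().dhcp_offers("pc", 1))
    print("VLAN switch, PC discover:", vlan_switch().dhcp_offers("pc", 20))
    print("VLAN switch, router WAN discover:", vlan_switch().dhcp_offers("router", 10))
```

On the unmanaged switch the PC gets offers from both servers, so whichever answers first wins; with VLANs the PC only ever reaches the router, and the router's own WAN request only reaches the modem.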


 Post subject:
PostPosted: Fri Nov 20, 2009 2:20 pm 
Offline

Joined: Sun May 04, 2008 2:57 pm
Posts: 507
Location: England
yoitsmeremember wrote:
This is quite the thread! Allow me to weigh in on a few things...

@jessekopelman/Monkeh16
Managed switches, especially 100mbit, are very easy to come by. I'm in the business so I get some (HP 2424M) from contacts I know, but some I pick up as the local college/businesses upgrade their network and hand off the old switches to surplus outlets (HP 4000M + modules, BayStack 350T, and a couple Cisco 10mbit). Sure, they don't have anywhere near the protocol support that a modern, more expensive switch has (even my Powerconnect 5324 puts it to shame), but they usually have the things you need to run a decent home network (link aggregation, spanning tree, and of course, VLAN support).


100Mbit, yes. Gigabit is much harder (to the tune of several hundred pounds). And if you want to mix MTUs in a simple manner, you can tack another 50% on that for a layer-3 switch.


 Post subject:
PostPosted: Sat Nov 21, 2009 12:15 pm 
Offline

Joined: Sat Sep 01, 2007 4:18 am
Posts: 42
Location: earth
Monkeh16 wrote:
100Mbit, yes. Gigabit is much harder (to the tune of several hundred pounds). And if you want to mix MTUs in a simple manner, you can tack another 50% on that for a layer-3 switch.

Yes, but very very few home networks need a gigabit switch. Also, the OP was running a Linux router so L3 switch isn't necessary.
