[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OT-hijacked. . .Re: [K12OSN] Solving the bandwidth bottleneck



On Tue, 2005-05-10 at 23:10, Doug Simpson wrote:

> So, how then do you get the ability to put public and private IP 
> addresses on the same physical wire?

Usually that is something you want to avoid.  You can overlay
different subnet ranges on the same wire - it's ugly but it works.
What people are saying is a bad idea is to connect 2 nics from
the same machine onto that network. 

> For example, a Printer in the office has a JetDirect in it and is 
> available on a public IP address, and connected to a small switch.  
> Another port on that switch is connected to a workstation that gets it's 
> IP address via DHCP (a private number). 

If you really want a public address on the printer, let something
route your private addresses there.

> From what I gather, it would be required to run individual cables for 
> each IP range to every connection so that the public and private would 
> always be separate.

Usually you let the k12ltsp box act as a NAT router for the private
range on it's 'inside' NIC - and a server for the printers.

> Let's say the workstation mentioned above is set up to dual-boot, and 
> get's it's IP when booted as a LTSP terminal from the DHCP on the 
> private range NIC.
> 
> But, this same workstation, when run in Winders, requires a public IP 
> address.  Then what do you do? Change the cable  each time you want to 
> use the other OS?  Unhandy! Especially for users!

Why does it need a public address?  Unless it is acting as a server (in
which case you would probably leave it on all the time instead of dual
booting...) it should get along fine with a private address NATed
through the k12ltsp server.  Or, if you have enough public addresses
to split into subnets, the 2nd k12ltsp NIC could be a public branch
and you could turn off NAT.

> So far, having two NICs on the same switch hasn't seemed to adversely 
> affect it . . .

Aside from normally wanting the firewalling from the public/private
split, the main problem most people would have with your scheme is
that you are leaking private DHCP addresses onto all of the connected
networks.  If you have static-assigned all of the public addresses
it won't matter, but it wouldn't work most places.

-- 
  Les Mikesell
   les futuresource com



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]