[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OT-hijacked. . .Re: [K12OSN] Solving the bandwidth bottleneck



More info. . .

Les Mikesell wrote:

On Tue, 2005-05-10 at 23:10, Doug Simpson wrote:



So, how then do you get the ability to put public and private IP addresses on the same physical wire?



Usually that is something you want to avoid. You can overlay
different subnet ranges on the same wire - it's ugly but it works.
What people are saying is a bad idea is to connect 2 nics from
the same machine onto that network.


But unless you want to run two completely different networks (physical plant wiring) all over the campus, to 5 buildings and 150 rooms . . .



For example, a Printer in the office has a JetDirect in it and is available on a public IP address, and connected to a small switch. Another port on that switch is connected to a workstation that gets it's IP address via DHCP (a private number).


If you really want a public address on the printer, let something route your private addresses there.

It has a public IP because our state-wide comouter network, used for student data dna administration, printe through local printers, and therefore, requires publicly available IP number (we have many of such units.)




From what I gather, it would be required to run individual cables for each IP range to every connection so that the public and private would always be separate.



Usually you let the k12ltsp box act as a NAT router for the private range on it's 'inside' NIC - and a server for the printers.

It does this, but both ranges are on the same set of wires. I will have to go examine and make sure that both NICs are on different switches, but they are on the same physical network, even if they are on separate switches.




Let's say the workstation mentioned above is set up to dual-boot, and get's it's IP when booted as a LTSP terminal from the DHCP on the private range NIC.

But, this same workstation, when run in Winders, requires a public IP address. Then what do you do? Change the cable each time you want to use the other OS? Unhandy! Especially for users!



Why does it need a public address? Unless it is acting as a server (in
which case you would probably leave it on all the time instead of dual
booting...) it should get along fine with a private address NATed
through the k12ltsp server. Or, if you have enough public addresses
to split into subnets, the 2nd k12ltsp NIC could be a public branch
and you could turn off NAT.


The state-wide network requests that computers that access it for administration and student data have public IP numbers for troubleshooting efficiency. I do have some that are on private IPs and they work fine, too though.



So far, having two NICs on the same switch hasn't seemed to adversely affect it . . .



Aside from normally wanting the firewalling from the public/private split, the main problem most people would have with your scheme is that you are leaking private DHCP addresses onto all of the connected networks. If you have static-assigned all of the public addresses it won't matter, but it wouldn't work most places.



All of the public IP addresses are assigned, and nearly all of the private numbers are DHCP. There are a few, like lab servers and private printers that have private numbers assigned.

This has been working seemingly flawlessly for 4 years, with over 700 computers connected. . . It may be wrong, but I don't have much trouble with it. . .

It is nice because it don't matter what kind of device I am connecting, a public printer, private workstation, private server, private printer, LTSP terminal, public workstation, whatever, I can connect it and it just works, all on the same wire. . .

Doug



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]