[K12OSN] DHCP Documentation
"Terrell Prudé Jr."
microman at cmosnetworks.com
Sat Sep 29 22:44:13 UTC 2007
Mel Wade wrote:
> I've isolated the K12LTSP server from the network and it boots right
> up using the LTSP's DHCP server. This is brining me closer to calling
> it a network problem.
>
I would tend to agree. If your network isn't running right, then you
have bigger problems.
> The problem I have with the VLAN option is that my content filter
> needs to see the client IP addresses of each client on the whole
> network and that would require, as I understand it, segmenting the
> network and routing traffic which would make all the clients in a dorm
> appear to the content filter as the IP address of the switch. I can't
> block a particular TCP port on the switch as that is Layer 4. I'm
> still looking for options...
>
Here's where I don't agree. Segmenting the network and routing traffic
would not make all the clients in a dorm appear to the content filter as
the IP address of the switch. I do content filtering all the time on
routed networks, and each client appears as itself. The only time
that's not true is if you're NAT'ing IP subnets internally (i. e. other
than at your Internet router or firewall), which, unless you have a
REALLY good reason and know exactly why you're doing it, is a bad idea.
As for blocking particular TCP ports on Layer 3 switches, I do that all
the time, too, assuming that your switch supports ACL's that allow you
to filter by TCP or UDP port. We use Cisco Catalysts in my district,
and they definitely support this.
--TP
More information about the K12OSN
mailing list