split/isolate network
NoOp
glgxg at sbcglobal.net
Sun Nov 21 04:34:15 UTC 2010
On 11/20/2010 06:10 PM, rikona wrote:
...
>
> I'm concerned about the "could not speak to 192.168.1.129 without a
> router" above, though. Does this mean that they COULD communicate if I
> have a router ahead of the splitter box? I was considering:
>
> cable modem -> router/firewall -> linux box -> 2 isolated net
> connections
>
> If so, does that mean that I would have to prohibit, in the splitter
> box, *incoming* from the 'other half' IP addresses, to get around this
> problem? Does the router, in general, essentially undo what I'm trying
> to do in the splitter box if I ONLY do just splitting?
I'm a little confused on exactly what/why you are trying to accomplish.
Both subnets will need to share a common gateway with only one internet
connection. So why not just add another router to 'router/firewall' and
have it issue DHCP on a separate subnet?
cable modem -> router/firewall1 -> subnet1 (fixed IP wired)
|
router/firewall2 -> subnet2 (DHCP wireless)
If the routers are configured properly, subnet2 will never see subnet1
unless you allow it in the routers firewall rules. This is how I
separate my 'guest' wireless from my wired machines. Wired is on a
highly configurable Cisco router, Wireless is on standard Netgear
wireless router/firewall2 -> subnet2.
More information about the ubuntu-users
mailing list