Virtual Networking
Michael Vanecek
mike at mjv.com
Thu May 4 08:49:40 MST 2006
Heh - you think too highly of me. :) Getting 2 nics working was easy.
Firewalling took a bit of research, plus going thru every server (I run
Apache/Mysql/PHP for webdevel, as well as Webmin and let's not forget X)
and configuring it not to listen to requests from the external nic and
disabling ICMP access and whatnot. I'd have to re-research it to do it
all over again. :) Currently, the internal network is 192.168.192.* - I
was thinking of setting the second one to 192.168.193.* - is that enough
to isolate the two networks and still give access to the gateway which
is 192.168.192.2? Not sure if I need to alter the subnet mask tho for
the virtual network - it's currently the standard 255.255.255.0 for the
internal network and if I alter it, I'm afraid I'll disable access to
the gateway - tho I'm far from a network expert. Thanks for letting me
know it's possible - I double-checked and indeed have no available PCI
slots and don't really wish to spend $150 for a dual-eth nic - tho the
USB network is still an option. I have a spare switch if it comes down
to that.
Be well,
Mike
--
http://www.taroandti.com/ Exotic Plants and More...
http://www.mjv.com/ Home...
Darrin Chandler wrote:
> On Wed, May 03, 2006 at 11:23:20PM -0500, Michael Vanecek wrote:
>> Everything goes via my gateway firewall system - 2 nics - one internal
>> with static IP and serving my internal network, and the other nic
>> connected to the DSL modem - dhcp. The one connected to the DSL modem is
>> filtered heavily - I don't trust the modem security. So, essentially,
>> I'm creating yet another internal network isolated from the other, but
>> still able to use the gateway to get on the internet. Was hoping I could
>> do this virtually - I ran out of PCI slots for yet another NIC,
>> methinks. Will have to see if I can pull something out or hook up a USB
>> lan adapter and another switch...
>
> Yes, you should be able to do this virtually. The best thing is that you
> can try it without a screwdriver. Just alias a second address w/
> different subnet. Routing for the subnet should happen automatically.
> You may have to make the default route work right, and other machines on
> that subnet will need to know the gateway machine. But it sounds like
> you can manage all that...
>
More information about the PLUG-discuss
mailing list