[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fw: [suse-security] Advice Please - Extending a Network



> If the hardware solutions described are not an option then you have two
> options using Linux (i) seperate subnets or (ii) a bridge.  The latter
> consists of extra modules in the kernel which effectively turn your box
into
> a switch, thus saving the expense, and all LAN traffic goes across both
> segments.  Alternatively split the LAN into two subnets, have two IP
> addresses, one for each NIC and have DHCP serve different IP addresses to
> hosts on each segment.  This is more traditional in some ways but can be
> annoying for users, depending on what applications they use.  For instance
> if they are SMB clients that want to browse a "Network Neighbourhood" then
> you'll need to implement a WINS server (and possibly a domain server) to
> keep the two subnets talking to each other.
>
> Carl Peto
> Linux Server Support
> Bookman Associates

It seems to be quite hard to find an 8 port hub with a coax connector,
though I will keep looking.

In the meantime can you expand on what I need to do following your (i)
seperate subnets suggestion.

I am already running  ...

1) DHCP(providing IP addresses to the local machines and also updating the
DNS zone files automatically)
2) DNS (administering the local domain and forwarding to my Cable Company's
DNS servers)
3) SuSEFirewall2 (blocks everything inbound, there are NO services
accessible from the internet other than those initiated by the local network
machines)
4) Samba to support Windows Clients
5) Squid

so I think I have all the parts running I need, but need some pointers on
how to add the extra interface into the settings for each.

Thanks everyone for your advice.

Philip


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here