[ previous ] [ next ] [ threads ]
 
 From:  "Brian Mills" <brianmills at fletcherssolicitors dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Three offices and three Private Circuits!
 Date:  Thu, 3 Feb 2005 16:39:37 -0000
I have a cunning plan to assign the network ports for the LAN extensions
such that:
 
(at site 1)
 
LAN 89.0.4.5/24
WAN (not used)
OPT1 10.0.0.1/24
OPT2 bridge to OPT1
 
then to connect OPT1 to the link to site 2, OPT2 to the link to site 3
 
(site 2) 
 
LAN 90.0.4.5/24
WAN (setup for my ISP)
OPT1 10.0.0.2/24
OPT2 bridget to OPT1
 
connect OPT1 to the link to site1, OPT2 to the link to site 3
 
(site 3)
 
LAN 91.0.4.5/24
WAN (not used)
OPT1 10.0.0.3
OPT2 bridge to OPT1
 
connect OPT1 to the link to site 1, OPT2 to the link to site 2
 
Then with correct static routes and firewall entries COULD it work?!? Or
will everything turn into a big feedback loop and die horribly?
AS far as redundancy is concerned I am not worried if I have to make a few
changes to each m0no if one of the links dies, but I cannot afford hours of
downtime.
 
 
Thanks for any typing back to me!
 
Millsey
 
 
 
 

-----Original Message-----
From: Keith Redfield [mailto:kredfield at airsurfwireless dot com] 
Sent: Thursday, February 03, 2005 4:17 PM
To: Brian Mills; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Three offices and three Private Circuits!


Without floating static routes (at the least) I don't think you can do this.
You might do better with a linux firewall which supports a routing protocol
like RIP or OSPF. But you need something which can a) detect the link down
and b) adjust routing tables based on path cost.
 
The $20 cisco's on Ebay can all do it, but no GUI and many nights reading
thick manuals. They also automatically load-balance equal-cost paths.
Combined with your m0n0's would make a decent combo. But quite a few gotchas
depending on how those circuits are provisioned (ethernet pops, vs T1 DSU,
etc)
 
Cheers,
 
-Keith
 

  _____  

From: Brian Mills [mailto:brianmills at fletcherssolicitors dot co dot uk]
Sent: Thu 2/3/2005 6:06 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Three offices and three Private Circuits!



We have three offices LS HH and WH. We already have an office LAN extension
from LS to HH. We have just commissioned new circiuts from HH to WH and WH
to LS. I have just bought 3 Soekris 4801's with the extra net ports so each
m0n0wall has 5 network ports.

LS currently has 89.0.4.0/24 and HH has 90.0.4.0/24 and we are planning to
use 91.0.40./24 for the WH office

What I need to configure is the m0n0walls to route between each office and
have redundancy so that if a link goes down, m0n0wall will reroute the data
"the long way round" so that one LAN extension failing will not disrupt the
network. It would also be nice to distribute the data between the
connections to increase bandwidth. I am familiar with m0n0wall as we
currently use it to firewall our WAN internet and to route between LS and HH
and uses traffic shaping to ensure VOIP calls between LS and HH work
smoothly. Do I need to set up VLANS or what?? Any help appreciated as I
cannot get my head round this!

Millsey



For all your legal advice see http://www.fletcherssolicitors.co.uk

Legal Notice:

If you are not the intended recipient of this message, you should disregard
the content and delete this message. Please notify our Systems Department at
systems at fletcherssolicitors dot co dot uk
The opinions expressed in this transmission are those of the sender and do
not necessarily reflect those of the practice.
Fletchers Solicitors confirm that the message and any attachments have been
scanned for viruses, however Fletchers Solicitors cannot be held responsible
for any damage or data loss caused by this transmission.


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch





For all your legal advice see http://www.fletcherssolicitors.co.uk

Legal Notice:

If you are not the intended recipient of this message, you should disregard the content and delete
this message. Please notify our Systems Department at systems at fletcherssolicitors dot co dot uk 
The opinions expressed in this transmission are those of the sender and do not necessarily reflect
those of the practice.
Fletchers Solicitors confirm that the message and any attachments have been scanned for viruses,
however Fletchers Solicitors cannot be held responsible for any damage or data loss caused by this
transmission.