Re: [m0n0wall] Question regarding 50+ vlans on one interface .. does it work ?

From:	"Kristian Shaw" <monowall at wealdclose dot co dot uk>
To:	"Aaron with Morad" <aaronc at morad dot ab dot ca>, <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Question regarding 50+ vlans on one interface .. does it work ?
Date:	Sun, 8 Jan 2006 23:50:24 -0000

Hello,

Private VLANs may perhaps be a Cisco way of describing a similar thing:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_5_4/config/vlans.htm#wp28122

However, I know that even some Netgear SmartSwitches (less than £200 for 48 
ports) support Port Based VLANs so such a system doesn't need to be 
expensive.

Regards,

Kris.

----- Original Message ----- 
From: "Aaron with Morad" <aaronc at morad dot ab dot ca>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Sunday, January 08, 2006 8:32 PM
Subject: Re: [m0n0wall] Question regarding 50+ vlans on one interface .. 
does it work ?


> >If you are looking to isolate machines from each other it might be worth
>>seeing if your switch supports private VLANs. The idea behind this is that
>>devices on each port on the switch can only see the default gateway (the
>>m0n0wall which sits on a promiscuous port that is seen by all the other
>>ports in the VLAN), whilst at the same sharing the same subnet.
>
> Good idea.  This would be a much easier way to do this.  I believe you are
> referring to port-based VLANs as opposed to 802.1q VLANs.  I have done 
> this
> in a test environment in my office with much success.  This would allow
> Jurgen to use one OPT on m0n0 and a single DHCP server.
>
>
> Aaron
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>