[ previous ] [ next ] [ threads ]
 
 From:  Adam Piasecki <apiasecki at midatlanticbb dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Blocking ARP Requests? Even Possible?
 Date:  Mon, 07 Apr 2008 17:57:19 -0400
Well, there is a point in doing it,  I can't assign a secondary IP 
address's in m0n0wall(LAN SIDE). The only way around this was to use 
another NIC card.

The other problem i have, is that not all my devices are capable of 
generating VLAN tags. So I'm forced to but both management traffic and 
user traffic on the same switch.

I don't really have a problem with this, as my users would have to poke 
around a little bit to even find the management address range, and all 
my boxes are password protected.

I'll look into the sysctl command,

thanks,
Adam

Chris Buechler wrote:
> On Mon, Apr 7, 2008 at 5:17 PM, Wayne Fiori <dev9null at gmail dot com> wrote:
>   
>> Put the two networks on different VLANs if you need to keep both
>>  interfaces connect to the same switch.
>>
>>     
>
> Yeah, ideally you never want two interfaces plugged into the same
> switch like that. There isn't any point in doing so, and it's
> considered bad network design.
>
> There's a sysctl to silence the ARP warnings. I don't recall offhand
> if m0n0wall has a check box to accommodate that or not, check the
> Advanced page, it might be there. Otherwise google on that error
> message and you'll find the appropriate sysctl to turn it off.
>
> If you have a reason to use two interfaces like that, you should use
> two switches, or VLANs.
>
> -Chris
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>
>