Re: [m0n0wall] Can mono handle two networks one a single nic

From:	Lee Sharp <leesharp at hal dash pc dot org>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Can mono handle two networks one a single nic
Date:	Fri, 02 Sep 2011 12:07:11 -0500

On 09/02/2011 03:05 AM, Ilkka Tengvall wrote:
> Would someone mind telling me why monowall community and documentation
> considers this as a bad idea? To me the network interface aliasing is
> extremely good idea. I'm obviously missing something here, since it's
> been so long considered as a bad thing in monowall discussions.

The first is collisions.  If you have to networks on one collision 
domain, it is potentially very noisy.
The second is security.  You have none at all this way.  At least with a 
v-lan you have something separating them.

> I claim it's waste of money and resources to buy separate network
> cards and switch just to connect two ip's into the same network (or to
> connect to external DSL box), in case of not being bottleneck due
> heavy traffic. For me personally this along with the missing openvpn
> are the only shortcomings of monowall.

As to your case, sticking a second IP on WAN so you can log into a DSL 
box is not a big issue.  But if you make it easy to be sloppy, then 
people will do it in cases where it is a problem, and then we get the 
support questions. :)

			Lee