[ previous ] [ next ] [ threads ]
 
 From:  Melvin Backus <melvin at sleepydragon dot net>
 To:  Joe Lagreca <lagreca at gmail dot com>
 Cc:  Monowall List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] How to subnet OPT1 and still offer DHCP for each subnet?
 Date:  Wed, 18 Aug 2004 17:19:56 -0400 
No problem.  I should have figured there was a method to the madness as 
they say.  In that case you're already requiring the Linksys, so go for 
it.  As someone else already mentioned, there is a separate setting for 
each optional interface for dhcp, but that would essentially require that 
you have a separate interface for each office.  That is probably a good 
choice if it's physically feasible, but on most hardware I'd expect that it 
would require multiple NIC cards.  I don't know which if any of them are 
supported.  That would be much more secure since it would prevent anyone 
from sniffing packets on another subnet since they're no longer physically 
connected.  It does however restrict how many subnets you could offer.  It 
may be a reasonable solution though, and certainly worth investigating I 
would think.  Assuming that you're charging these other offices for 
connectivity, etc., any additional cost for the NICs and possibly different 
hardware could easily be justified and passed along as required.

later...

Melvin

At 02:59 PM 8/18/2004, Joe Lagreca wrote:
>I'm sorry, I didnt explain what I was doing with the Linksys.  It will
>be the WRT54G, which has wireless capabilities, and will be used to
>create a wireless link between my NOC and the offices around me.
>Since it is already being used for the wireless link, I thought it
>would be an easy solution to turn DHCP on and have it handle each
>users office.  That way their router is managed by me, and all they
>have to do is plug a hub/switch in their office to get more ports, no
>configuration necesary.
>
>Joe
>
>
>On Wed, 18 Aug 2004 14:43:40 -0400, Melvin Backus
><melvin at sleepydragon dot net> wrote:
> > Joe Lagreca wrote:
> >
> > >After I posted this message to the group I thought of increasing the
> > >subnet size to give each office more address.  I think I will do that.
> > >
> > >I'm unclear on your suggestion about not having the linksys do DHCP.
> > >I don't really want the offices networks to be NAT behind a NAT.  So I
> > >will do the NAT, and run it to the LAN of the offices.  I will then
> > >turn DHCP on the LAN of the Linksys and it can assign the IP addresses
> > >for the subnet I assign them.  I would love to have my m0n0 handle the
> > >whole thing, but I dont see how m0n0 can assign DHCP to multiple
> > >subnets.  If someone knows how to have m0n0 to handle DHCP for
> > >multiple subnets I would love to hear your suggestion.
> > >
> > >Thank you.
> > >
> > >Joe
> > >
> > >
> >
> > Actually I was suggesting load a DHCP server implementation on one of
> > the machines on that subnet and eliminate the need for the Linksys since
> > it sounded like you weren't going to use the WAN interface at all
> > anyway.  The extra overhead to do DHCP for a small lan is minimal.
> >
> > --
> > Melvin Backus
> > Principal Wizard
> > Sleepy Dragon Enterprises
> > --
> > Do not meddle in the affairs of dragons, for
> > you are crunchy, and taste good with ketchup!
> > --
> >
> >

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Whom computers would destroy, they must first drive mad.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Melvin Backus
Principal Wizard
Sleepy Dragon Enterprises
www.sleepydragon.net