 From:  Kevin Coleman <kevin at gabu dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] 2 adsl
 Date:  Thu, 02 Sep 2004 12:01:14 -0700
I'm not a m0n0wall DHCP user (let alone an expert), but based on a quick 
look at the UI, it doesn't appear that you can set up multiple pools for the 
same network using m0n0wall. Also, it appears that you can't hand out 
different gateways via DHCP per address pool. You can do it via different 
networks on different interfaces. One m0n0wall can hand out addresses via 
DHCP for both networks, but if that one m0n0wall goes down, the entire 
network goes down. If you use DHCP on each m0n0wall, at least the remaining 
half of the network could continue to function.

No fancy switch is required if you have two physical switches. Managed 24 
port VLAN switches can be purchased on eBay for about $100, so it's not much 
of a barrier if you wanted to go that route. (pun?)

You could do it with one network if you were to statically configure each 
host for a different gateway. (WAY too much work for me.) You might be able 
to use an alternate DHCP server capable of handing out the entire IP 
configuration per MAC address. m0n0wall can only do IP address reservations 
based on MAC address. It can't hand out a different gateway.

If you're just using m0n0wall boxes, I'm not sure that there is an easier 
way. However, there certainly could be.

The setup is very similar to having two offices in different locations with 
their own connections to the Internet and a connection to each other (i.e. 
VPN). It's just that you don't need the VPN and virtual link because you 
have a physical one.

----- Original Message ----- 
From: "Mitch (WebCob)" <mitch at webcob dot com>
To: "Kevin Coleman" <kevin at gabu dot com>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Thursday, September 02, 2004 9:26 AM
Subject: RE: [m0n0wall] 2 adsl

> I think that is overcomplicated... a logical segmentation could work too?
> A single DHCP server can be set to hand different settings to different
> users... you can create two address pools I think, or map specific MACs to
> specific networks.... then with ONE physical network, and two mono's with a
> LAN and a WAN interface, one configured as gateway for network 1, the other
> for network 2...
> No fancy vlan switch, no 3 leg networks - no segmentation...
> You still get the benefit of two routers, which gives you some redundancy,
> and by editing the DHCP settings, you could switch all users to a single
> network (in case of network failure) by just having the users reboot
> (assuming Windows users without admin rights) / re-acquire their addresses.
> The DHCP server config is a little hairier than most this way - would need
> to be manual I think, but simple enough if you read the man and look at the
> samples.
> m/
>> -----Original Message-----
>> From: Kevin Coleman [mailto:kevin at gabu dot com]
>> Sent: Thursday, September 02, 2004 8:08 AM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: RE: [m0n0wall] 2 adsl
>> I only recommend this solution as a last resort as it will increase the
>> complexity of your network, add additional equipment, reduce
>> reliability, and increase the effort to maintain the system.