perl and network addresses

[Jason Stephenson]

Paul Lussier wrote:

> Errr, no, just the opposite actually.  Trying to *prevent* routing
> from a very existent router :)

Sounds to me like what you really need is a router with VLAN capability. 
If I understand correctly, it sounds like you're trying to implement VLANs.

Your setup actually sounds very similar to something that we're 
designing for all the libraries in our consortium. Right now, each site 
has a Class C (/24) on a 10.10.*. In the near future, we plan to 
implement each site having a Class B (/16) with different class Cs for 
each VLAN. For example, if a site is now on 10.10.32.0, it will move to 
10.32.0.0 with something like 10.32.0.0/24 reserved for network 
equipment, 10.32.10.0/24 for the staff, 10.32.20.0/24 for the public, 
10.32.30.0/24 for staff wireless, 10.32.40.0/24 for public wireless, 
etc.--The Dracut Public Library will be our first test case, since 
they're moving (back) into their renovated building next month.

Without VLANs setup in the router, I can't imagine how that would work 
to prevent traffic among the various 10.32.0.0 "subnets." I suppose you 
could simulate it with some really complicated routing rules.

At this point, my knowledge on the matter of networking begins to recede 
into nothingness. I can set up a simple Linux or *BSD router/firewall. I 
can do the math (poorly, but that's what computers are for). I can even 
use the socket() interface, but configuring fancy-shmancy, complicated 
network topologies is beyond my current abilities.

I didn't design the above mentioned topology, nor did I figure out the 
configuration in the Cisco routers that we buy. However, I'm promised by 
our contractor that they'll show me enough so I can break things. ;)

Long story made slightly longer, I'd suggest looking up how to configure 
VLANs on whatever you're using for a router.--I know you mentioned a 
FreeBSD firewall earlier.

Cheers,
Jason "Can't-the-network-for-the-wires" Stephenson