Private in-house domain

Python python at venix.com
Thu May 17 15:07:45 EDT 2007


On Thu, 2007-05-17 at 14:04 -0400, Bill McGonigle wrote:
> On May 17, 2007, at 09:40, virginsnow at vfemail.net wrote:
> 
> > Will that really work?  How would the ifup scripts deal with the fact
> > that the host has no address on that network?
> 
> Hmmm... I've only played with route-eth0 files once or twice, but I  
> seem to recall doing something similar in the past.  It might have  
> been via eth0 rather than via an IP address... I'm murky on it.  I  
> can think of how to do the route with the old school route command,  
> but I must admit to being a bit behind on the ip command, which forms  
> the basis for the route-eth0 file.  If it were a more sane day/week  
> I'd set up a few VMs to find a real answer.  If anyone can rule this  
> out that would be good information. :)
> 
> The basic idea would be to say that 192.168.1.0/24 is on eth0, so  
> when the gateway is 192.168.1.1 it knows where to drop the ethernet  
> packet.  I _think_ ARP can take it from there, but it wouldn't  
> surprise me if I'm confused about that - I usually try to have the  
> router with an address in each subnet it's serving.  Come to think of  
> it, I'm pretty sure one of our more advanced WRT54G hackers (Lloyd,  
> Ben?) 

I was tempted to post a reply, but was baffled by the problem
description.  

I configure my routers to organize my network, and configure my
computers to match the routers.  If the router interface is
192.168.1.1/24 then my computers are on 192.168.1.[2 - 254]/24.  If a
computer needs to talk to more than one router, I give it a
sub-interface (e.g. eth0:1) with a valid IP address for the additional
router.  The ethernet switch would normally be configured with vlans
that segregate the traffic between the alternative routers.

The flip side of this is when a single router deals with multiple vlans
and has sub-interfaces for each vlan, each with its own IP address.
(For this I am typically dealing with Cisco gear.)

The normal WRT54GL setup assigns the lan IP address to the (software)
bridge that combines the lan and wireless ports.  The wan address is
assigned directly to vlan1.  I have never attempted to create
sub-interfaces on the WRT54GL.  

In my bridging-filter presentation, I break the LAN side into two vlans.
The bridge retains its single IP address, but now combines two vlans
with the wireless device.  ebtables was used to filter packets between
the two lan side vlans.  The actual IP addresses of the devices on the
lan were irrelevant since there was no routing involved.  The WRT54GL
was simply bridging the two vlans and filtering unwanted packets.  The
IP address of the bridge was used simply to control the WRT54GL.

However, I am still puzzled by the desire to have two subnets overlaid
onto a single network with a single router.

> could figure out a way to put one of the ports on the router  
> into a different VLAN and then IP address it.  I'm not sure that  
> would get to where Pat wants to be on network design, though I admit  
> I don't really understand her requirement on that.
> 
> > I also suspect that, on his Linksys box, TOP has 0 > rp_filter.
> > Otherwise, the router should/would drop packets from 10.25.1.0/24
> > because they wouldn't match 192.168.1.1/24... which means that NAT to
> > the Net wouldn't work.
> 
> Hmm, could be... with some BSD NAT devices I've worked with, NAT will  
> work from other networks if there's a static route on the gateway  
> machine.  I haven't tried this with a linux gateway, though.
> 
> -Bill
> 
> -----
> Bill McGonigle, Owner           Work: 603.448.4440
> BFC Computing, LLC              Home: 603.448.1668
> bill at bfccomputing.com           Cell: 603.252.2606
> http://www.bfccomputing.com/    Page: 603.442.1833
> Blog: http://blog.bfccomputing.com/
> VCard: http://bfccomputing.com/vcard/bill.vcf
> 
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
-- 
Lloyd Kvam
Venix Corp
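
The rp_filter point quoted in this thread can be checked with a small model. This is an added example, not code from any poster: it is a simplified model of strict reverse-path filtering (rp_filter=1), in which a packet is accepted only if the best route back to its source address leaves through the interface the packet arrived on. The interface names lan0 and wan0, the host addresses and both routing tables are constructed for illustration.

```python
import ipaddress

def table(*entries):
    """Build a routing table as a list of (network, interface) pairs."""
    return [(ipaddress.ip_network(net), dev) for net, dev in entries]

def best_route(routes, addr):
    """Longest-prefix match: the most specific route covering addr, or None."""
    ip = ipaddress.ip_address(addr)
    matches = [(net, dev) for net, dev in routes if ip in net]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def rp_filter_accepts(routes, src, in_dev, strict=True):
    """Simplified rp_filter: strict=True models rp_filter=1, False models 0."""
    if not strict:
        return True                      # rp_filter=0: no source validation
    route = best_route(routes, src)
    # Strict mode: the reply to src must go out the interface it came in on.
    return route is not None and route[1] == in_dev

# Constructed table: router holds 192.168.1.1/24 on lan0, default route via wan0.
ROUTER = table(("192.168.1.0/24", "lan0"), ("0.0.0.0/0", "wan0"))

# Same router after adding a static route for the overlaid subnet on lan0.
ROUTER_WITH_STATIC = table(
    ("192.168.1.0/24", "lan0"),
    ("10.25.1.0/24", "lan0"),
    ("0.0.0.0/0", "wan0"),
)

if __name__ == "__main__":
    cases = [
        ("native LAN host, strict", ROUTER, "192.168.1.20", "lan0", True),
        ("overlaid subnet, strict", ROUTER, "10.25.1.20", "lan0", True),
        ("overlaid subnet, rp_filter=0", ROUTER, "10.25.1.20", "lan0", False),
        ("overlaid subnet, static route", ROUTER_WITH_STATIC, "10.25.1.20", "lan0", True),
        ("LAN source arriving on WAN", ROUTER, "192.168.1.20", "wan0", True),
    ]
    for label, routes, src, dev, strict in cases:
        verdict = "accept" if rp_filter_accepts(routes, src, dev, strict) else "drop"
        print(f"{label:32} src={src:14} in={dev:5} -> {verdict}")
```

In this model the 10.25.1.0/24 source is dropped on lan0 because the only route back to it is the default route via wan0; either disabling the filter or adding a route for that subnet on lan0 lets it through, while a LAN source address arriving on wan0 is still dropped.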


