Setting up separate network question

Ben Scott dragonhawk at gmail.com
Wed Mar 19 10:22:58 EDT 2008


On Tue, Mar 18, 2008 at 5:59 PM, Labitt, Bruce
<labittb1 at tycoelectronics.com> wrote:
> Geesh, didn't mean to make it so complicated...

  You didn't.  Complexity spontaneously generates from the ether.  :)

>  However, using the CentOS box as a gateway/router is not allowed on my
>  network, by company policy.

  Did they give you a specific reason?  If not, politely ask them for
one.  If they refuse to give a reason, politely and diplomatically
explain that if they refuse to work with you, you'll have to take the
issue up with management.

  Once you have a reason, we can probably come up with a workaround for
any objection they have.  Some likely scenarios:

  A1.  If they just dislike the idea of a general-purpose computer
doing the job, buy a $50 SOHO router.  Plug the "Internet" side of the
router into the corporate network.  Plug the "Local" side of the
router into your gig switch.

  A1(a).  If you need special DHCP options which the SOHO router can't
give you, disable DHCP on the router, and enable DHCP on the CentOS
box's second interface, and just use the CentOS box to run DHCP, not
for routing.  (Optionally,

  A2.  If they just have an objection to NAT, have them delegate you a
subnet from the corporate network, routed to your CentOS box.  Have
the CentOS box be a router without doing NAT.

  A3. If they have an objection to both NAT and a general-purpose
computer, combine scenarios A1 and A2.  But make sure the SOHO router
you buy lets you disable its NAT feature.  In my experience, LinkSys
boxes generally can, but some other brands can't.

  A4. If they have an objection to you running DHCP on your own, use
any of scenarios A1, A2, or A3, but disable DHCP everywhere, and
manually configure all your nodes with static IP addresses.

  A5. If they have an objection to you doing any kind of IP
administration on your own, then have them delegate a subnet as in A2,
but have them give you a dedicated router port, and plug that directly
into your switch.  That will get rid of pretty much all the LAN
garbage traffic you might see, isolating your cluster network
reasonably well, but give them control of everything on the network.

-- Ben
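
Added example, not part of the original message: a shell check that tells which of the roles above a Linux box is actually playing (not routing as in A1(a), routing without NAT as in A2, or routing with NAT), so the configuration can be shown to match what was agreed with the network group. The interface names, addresses and function names are hypothetical, and the iptables-save samples are constructed.

```shell
#!/bin/sh
# classify_role FWD RULES_FILE
#   FWD        = contents of /proc/sys/net/ipv4/ip_forward ("0" or "1")
#   RULES_FILE = file holding `iptables-save` output
# Prints: host-only | router-no-nat | router-nat
classify_role() {
    fwd=$1
    rules=$2
    # Forwarding off: the box can serve DHCP but does not route (A1(a)).
    if [ "$fwd" != "1" ]; then
        echo host-only
        return 0
    fi
    # Forwarding on: look for source-rewriting targets, but only inside
    # the *nat table section of the dump.
    if awk '
        /^\*/ { in_nat = ($0 == "*nat") }
        in_nat && /^-A / && / -j (MASQUERADE|SNAT)( |$)/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$rules"; then
        echo router-nat
    else
        echo router-no-nat      # plain routed subnet, as in A2
    fi
}

# Constructed sample: writes an iptables-save style dump to file $1.
# $2 is an optional extra rule placed in the nat table.
write_sample() {
    cat > "$1" <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
$2
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Demo on the constructed samples.
tmp=$(mktemp)
write_sample "$tmp" ""
echo "routed sample: $(classify_role 1 "$tmp")"
write_sample "$tmp" "-A POSTROUTING -o eth0 -j MASQUERADE"
echo "NAT sample:    $(classify_role 1 "$tmp")"
rm -f "$tmp"
```

On a live box, save the output of iptables-save to a file and pass it together with the contents of /proc/sys/net/ipv4/ip_forward.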


More information about the gnhlug-discuss mailing list