Setting up separate network question

Labitt, Bruce labittb1 at tycoelectronics.com
Wed Mar 19 11:01:40 EDT 2008 

Good analysis.  I'll go check this out.  One of the reasons originally
given to me was "they" did not want the possibility of ever having a
DHCP server [mine] getting attached to the corporate network.  I don't
blame them, but I would think there are alternate ways to ensure this.  

I've marked up a couple diagrams to give to my network guy.  I'm sure we
can work something out.  Maybe sometime I'll actually get to do some
work on this. ;)

Regards,
Bruce

-----Original Message-----
From: gnhlug-discuss-bounces at mail.gnhlug.org
[mailto:gnhlug-discuss-bounces at mail.gnhlug.org] On Behalf Of Ben Scott
Sent: Wednesday, March 19, 2008 10:23 AM
To: Greater NH Linux User Group
Subject: Re: Setting up separate network question

On Tue, Mar 18, 2008 at 5:59 PM, Labitt, Bruce
<labittb1 at tycoelectronics.com> wrote:
> Geesh, didn't mean to make it so complicated...

  You didn't.  Complexity spontaneously generates from the ether.  :)

>  However, using the CentOs box as a gateway/router is not allowed on
my
>  network, by company policy.

  Did they give you a specific reason?  If not, politely ask them for
one.  If they refuse to give a reason, politely and diplomatically
explain that if they refuse to work with you, you'll have to take the
issue up with management.

  Once you have a reason, we can probably come with a workaround for
any objection they have.  Some likely scenarios:

  A1.  If they just dislike the idea of a general-purpose computer
doing the job, buy a $50 SOHO router.  Plug the "Internet" side of the
router into the corporate network.  Plug the "Local" side of the
router into your gig switch.

  A1(a).  If you need special DHCP options which the SOHO router can't
give you, disable DHCP on the router, and enable DHCP on the CentOS
box's second interface,  and just use the CentOS box to run DHCP, not
for routing.  (Optionally,

  A2.  If they just have an objection to NAT, have them delegate you a
subnet from the corporate network, routed to your CentOS box.  Have
the CentOS box be a router without doing NAT.

  A3. If they have an objection to both NAT and general-purpose
computer, combine scenarios A1 and A2.  But make sure the SOHO router
you buy lets you disable its NAT feature.  In my experience, LinkSys
boxes generally can, but some other brands can't.

  A4. If they have an objection to you running DHCP on your own, use
any of scenarios A1, A2, or A3, but disable DHCP everywhere, and
manually configure all your nodes with static IP addresses.

  A5. If they have an objection to you doing any kind of IP
administration on your own, then have them delegate a subnet as in A2,
but have them give you a dedicated router port, and plug that directly
into your switch.  That will get rid of pretty much all the LAN
garbage traffic you might see, isolating your cluster network
reasonably well, but give them control of everything on the network.

-- Ben
_______________________________________________
gnhlug-discuss mailing list
gnhlug-discuss at mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/

More information about the gnhlug-discuss mailing list