I've bee knocking my head whether our current implementation to be fine or
flawed:
We have one Windows NT Checkpoint Firewall server with 3 Interface (1), (2),
(3)
(1) --> Public Gateway using public IP address
(2) --> Internal 192.168.1.1 (24bit) <--- potenttial problem here
(3) --> DMZ xx.xx.xx.xx
Current implementation:
We ran out of 192.168.1.x IP addresses so we add routing table that
192.168.2.x is
routed to 192.168.1.1.
So imaginedly, 192.168.1.x & 192.168.2.x in the same physical subnet, but
192.168.2.x
clients have router to be set 192.168.1.1 (of course 192.168.1.x client have
192.168.1.1
as the router)
Thus 192.168.2.x is logical to 192.168.1.x. Both talking each other by
192.168.1.1 interface.
My concern: so far, the network architecture still works fine, but I am
afraid it is not right to design logical within physical routing like this
might cause the network performance problem
a. Broadcast, I sniff and seeing that every packet 192.168.2.x talking to
192.168.1.x, it just
talks to the MAC of 192.168.1.1
b. we can not get arp -a on 192.168.2.x while pinging 192.168.1.x client, so
the
packet will broadcast to 192.168.1.1 for network communication
I NEED ANY ONE TO GIVE ADVICE THAT THIS SHOULD NOT BE THE RIGHT
NETWORK CONFIGURATION (LOGICAL WITHIN PHYSICAL ROUTING)
Re: IPPNP ... If the client pc is configured with DHCP they ... The short answer is that this appears to be some kind of MAC based gateway protocol; basically, an 'internet access device' will forward any traffic it sees for a subnet which it isn't configured with, by spoofing ARP traffic so as to make it appear as though it is on that subnet. ... This sounds like a configuration nightmare to implement correctly, and goodness help you if you have more than one of these things connected to the same network.... Whilst it probably can be done in the network stack, I speculate it couldn't be turned on at the same time as a number of other features such as Proxy ARP, or CARP, and may have problems scaling to more than a two-armed router (that is, 1 WAN uplink, and 1 Ethernet interface running this stuff). ... (freebsd-net)
Logical routing within physical network segment!! PLEASE HELP GIVING ADVICES!! ... We have one Windows NT Checkpoint Firewall server with 3 Interface,, ...clients have router to be set 192.168.1.1 (of course 192.168.1.x client have ... so far, the network architecture still works fine, but I am ... NETWORK CONFIGURATION (LOGICAL WITHIN PHYSICAL ROUTING) ... (microsoft.public.win2000.networking)
