Re: Best solution to segment subnets
- From: Vince <Vince@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 12 Feb 2007 01:29:00 -0800
Hi Kurt,
so the switches wouldn't be uplinked each other... the uplink would be the
router, wouldn't be?
Dificult drawing in text :-)
Router 1
/ \
switch --- WAN LAN(192.168.1.0) --- switch --- Subnet 1
192.168.1.0
Router 2
/ \
switch --- WAN LAN(192.168.2.0) --- switch --- Subnet 1
192.168.2.0
What ip will have WAN each WAN router port? 192.168.0.x ? In the central
Rack kurt i have 3 swicthes uplinked, plus each switch on the rack in each
room through Optic fiiber.
This way
room 1 subnet 1
|
Fiber optic Uplinked
|
swicth 1 central rack
|
Ethernet uplinked
|
switch 2 central rack
|
Ethernet uplinked
|
switch 3 central rack
Room 2 the same way, uplinked with Fiber optic to one the swicthes in the
central rack.
So i think i am understanding,
ping from subnet to another subnet not, because wan -> lan (it couldn't be)
But ping from subnet to internet yes, because subnet lan -> NAT(192.168.0.x)
-> wan ok
DHCP scope really necesary?
I am right?
Thank you very much Kurt.
"Kurt" wrote:
Vince wrote:.
Hi Kurt,
Thanks again...
switches are uplinked to each other. This scenario will isolate the subnets?
i have a no clear idea of this scenario, maybe so nat routers are confusing
me. I didn't know about so cheap soho routers, they are just nat routers? no
adsl?
subnet 1 and subnet 2 are two room (telematic networks to kids can practise)
in the second floor, i need isolate them from subnet 3 and from each other.
Three subnets need internet.
Regards Kust and sorry i'm a bit confuse.
It won't isolate the subnets if the switches are uplinked to each other.
If all of the subnets are on just one switch, just pull the plug on the
uplinks (I gurarantee that will isolate them! :). If your workstations
on different subnets are spread out all over the building or campus,
VLANs are your only option. SOHO (_S_mall _O_ffice _H_ome _O_ffice) is
just another name for a "broadband" router. They perform "Network
Address Translation" (NAT), just like your ISPs router does (It's LAN
port will have a private 192.168.x.x address, and it's WAN port will
have a publicly routable IP address that all of the private IP address
share). These additional routers will do the same thing, so that traffic
from local private subnets other than 192.168.0.x will be translated to
a 192.168.0 address - which is what your ISPs router is expecting. If
managed switches are not in your budget, maybe you could buy enough
cheap unmanaged switches to physically isolate them.
Also, having the routers WAN ports connected together will not bridge
the private networks.
R1---Switch 1---All subnet 1 computers 192.168.1
192.168.0 /
ADSL Router --R2---Switch 2----All subnet 2 computers 192.168.2
\
R3---Switch 3---All subnet 3 computers 192.168.3
This will give you 100% isolation between subnets, and all subnets will
have Internet access. The only thing you'll have to configure is the LAN
IP address on the 3 routers (and maybe the DHCP scope). Note that for
total isolation, you will require all 3 extra routers.
I use an SMC Barricade 7004VBR router. There are many other good
choices. I think I paid about $45 US.
- Follow-Ups:
- Re: Best solution to segment subnets
- From: Kurt
- Re: Best solution to segment subnets
- References:
- Re: Best solution to segment subnets
- From: Kurt
- Re: Best solution to segment subnets
- From: Vince
- Re: Best solution to segment subnets
- From: Kurt
- Re: Best solution to segment subnets
- From: Vince
- Re: Best solution to segment subnets
- From: Kurt
- Re: Best solution to segment subnets
- Prev by Date: Re: Best solution to segment subnets
- Next by Date: Re: Best solution to segment subnets
- Previous by thread: Re: Best solution to segment subnets
- Next by thread: Re: Best solution to segment subnets
- Index(es):
Relevant Pages
|
