(E-Mail Removed) (alfa_b) said:
>I'm planing to build a machine with a single physical ethernet port
>and 2 IP addresses (different subnets). each of the IP's is to serve
>other purpose.
....
>my machine have 2.2.2.10 and 1.1.1.10 and a single eth port.
>
>I have in my hand 2 cables, one leads to a gateway (R1) to 1.1.1.0/8
>netwrok and the other to 2.2.2.0/8 network (R2). the entity in my
>machine that has the IP 1.1.1.10 has to be part of 1.1.1.0/8 and
>2.2.2.10 part of 2.2.2.0/8.
>
>solution 1:
>
>take a vlan switch and configure subnet based vlans where my machine
>port and R1 port on one vlan and my machine port with R2 port on vlan
>2. by that make a traffic separation of the 2 subnets including my
>machine.
>
>solution 2:
>
>take 3-interfaces router, configure 1.1.1.0/8 (apart from 1.1.1.10)
>behind IF-1, 2.2.2.0/8 (minus 2.2.2.10)behind IF-2 and 1.1.1.10,
>2.2.2.10 hosts behind IF-3.
>
>questions:
>
>1. do you think solution 2 possible (the router config...)?
Could be, but depends on how fine-grained control your router allows.
Not a nice solution, anyway.
>2. which solution do you think is better?
#1 gets my vote -- unless you have to be worried about vlan-collapsing
attacks against the switch.
>3. do you have another solution?
The obvious one, which apparently is not feasible for some reason:
get another ethernet port to the machine.
--
Wolf a.k.a. Juha Laiho Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)
Similar Threads
Linear Mode
