[tclug-list] OT network solution

Sun Jun 28 22:44:04 CDT 2009

>>  If one has a managed switch, they generally support 802.1q VLANs.

I agree with this setup using a managed switch.  Don't get me wrong, I like IPcop, and have been running its evil older brother Smoothwall @ my house on a Pent pro 200 since almost the first beta release back in the day.  The long term problem with this setup is the box factor.  Old (and new) power supplies fail, fans will die, raid 1 is better but an old (or new) hdd might fail, etc....  I guess my point is the linux router is a bit more fragile than a switch (hardware wise in the long run).  Sure switches can die, but they are (forgive the M$ speak) slightly more Robust usually.  IMHO keep the Linux router at home, or setup somewhere where you will be often.  When things break, and your not around this sucks for you (& them).  It easier to get the call that the network/internet is down & all you have to tell someone to shutoff the switch or yank the powercord - count to 10, and plug it back it.

I recently dehodgepodged two of our offices networks, and have a few managed switches I could probably sell to you cheap if you decide to go this route.  I am pretty sure they are all 10/100 speed though.  I believe I have a couple 3-Com's, and a couple HP's all 24 port.  They are located in Oakdale, but I could bring them home to NE Mpls if you want to take a road trip.  I guess if your interested, just contact me off list.

Good Luck Brother.

B-o-B

GlobeRunners, Inc.
IT Manager
600 Inwood Ave. N., Suite 160  |  Oakdale, MN 55128  |  Direct (651) 925-1500  |  Cell: (612) 850-6940  |  Fax: (651) 925-1560  |  Email: bob at grunners.com

-----Original Message-----
From: tclug-list-bounces at mn-linux.org [mailto:tclug-list-bounces at mn-linux.org] On Behalf Of Jima
Sent: Sunday, June 28, 2009 6:50 PM
To: tclug-list
Subject: Re: [tclug-list] OT network solution

Tony Yarusso wrote:
> On Sun, Jun 28, 2009 at 4:29 PM, swede<danyberg at gmail.com> wrote:
>> This was short notice and is my first attempt at setting up anything other a
>> home network, so any other ideas for the layout would be appreciated.
>
> If security is your concern, you want to take the switch out of the
> equation (unless it's a smart/managed switch) and add more interfaces
> to the IPCop router (one for each of the 4 places that need to be kept
> separated).

  If one has a managed switch, they generally support 802.1q VLANs.
Rather than having a NIC for each network, you can just assign each port
on the switch to a separate VLAN, and trunk all of the VLANs to the
Linux box.  For that matter, you can connect the uplink to a VLAN of its
own on the switch, too.
  I have such a setup running six disparate networks to a Linux router
with only one ethernet interface, which can therefore be replaced by any
hardware if needed (and not just a device with sufficient PCI* slots).
Also, adding additional networks is a breeze as long as you have enough
switch ports (and you could always trunk to another switch).

  It's a tad bit involved, but I'm pretty fond of the setup, myself.

      Jima

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
tclug-list at mn-linux.org
http://mailman.mn-linux.org/mailman/listinfo/tclug-list