network segmentation without using vlans
Paul van Fraassen
paul-s7S4Dk53uTw at public.gmane.org
Tue Feb 19 17:24:18 UTC 2008
I know it's a typical response but, can you give more info?
Normally, you choices are dividing up the space with separate router
interfaces or vlans (which is just another form of router interface which
saves some hardware in switches etc)
but, it sounds like you want to do something without adding H/W
(I know I'm making wild assumptions here :-) do you mean strict Layer 2
segmentation ?
You might be tempted to separate groups of PCs by putting them in their own
IP subnets so that the netmasks make them seem to be on their own
but this is really just slight of hand and not much use for either security
or network performance.
Does that make any sense? How up to speed are you with the Layer-2, Layer-3
stuff ?
-PvF
On 2/19/08, Teddy Mills <teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
>
>
> I was wondering if it was possible to have network segmentation without
> using vlans.
> If I have 20 boxes on a switch, I do not want any of the boxes to know
> about each other.
>
> /teddy
>
>
>
>
>
> --
> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/legacy/attachments/20080219/4c26ed1b/attachment.html>
More information about the Legacy
mailing list