network segmentation without using vlans
Teddy Mills
teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Feb 19 17:57:44 UTC 2008
Standard 24 port switch.
Some 20 servers on it.
I want all 20 servers not to 'see' each others traffic at all.
All 20 servers are on the same subnet. (ack)
Paul van Fraassen wrote:
> I know it's a typical response but, can you give more info?
> Normally, you choices are dividing up the space with separate router
> interfaces or vlans (which is just another form of router interface which
> saves some hardware in switches etc)
> but, it sounds like you want to do something without adding H/W
> (I know I'm making wild assumptions here :-) do you mean strict Layer 2
> segmentation ?
> You might be tempted to separate groups of PCs by putting them in their own
> IP subnets so that the netmasks make them seem to be on their own
> but this is really just slight of hand and not much use for either security
> or network performance.
> Does that make any sense? How up to speed are you with the Layer-2, Layer-3
> stuff ?
>
>
> -PvF
>
>
>
> On 2/19/08, Teddy Mills <teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
>
>> I was wondering if it was possible to have network segmentation without
>> using vlans.
>> If I have 20 boxes on a switch, I do not want any of the boxes to know
>> about each other.
>>
>> /teddy
>>
>>
>>
>>
>>
>> --
>> The Toronto Linux Users Group. Meetings: http://gtalug.org/
>> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
>> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>>
>>
>
>
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list