network segmentation without using vlans
Paul van Fraassen
paul-s7S4Dk53uTw at public.gmane.org
Tue Feb 19 18:09:54 UTC 2008
OK, seems simple enough.
So, the simple answer is "No": if you don't want the servers to see each
other's traffic at all, then they have to be on separate Layer-2 segments,
and that means either separate switches (hubs, coax or whatever :-) or vlans.
Why do you want to stay away from vlans? Port-based vlans can be a simple
way to get isolation, provided your switch supports it.
-PvF
On 2/19/08, Teddy Mills <teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
>
> Standard 24 port switch.
> Some 20 servers on it.
>
> I want all 20 servers not to 'see' each other's traffic at all.
> All 20 servers are on the same subnet. (ack)
>
> Paul van Fraassen wrote:
> > I know it's a typical response but, can you give more info?
> > Normally, your choices are dividing up the space with separate router
> > interfaces or vlans (which is just another form of router interface which
> > saves some hardware in switches etc)
> > but, it sounds like you want to do something without adding H/W
> > (I know I'm making wild assumptions here :-) do you mean strict Layer 2
> > segmentation?
> > You might be tempted to separate groups of PCs by putting them in their own
> > IP subnets so that the netmasks make them seem to be on their own
> > but this is really just sleight of hand and not much use for either security
> > or network performance.
> > Does that make any sense? How up to speed are you with the Layer-2, Layer-3
> > stuff?
> >
> >
> > -PvF
> >
> > On 2/19/08, Teddy Mills <teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> >
> >> I was wondering if it was possible to have network segmentation without
> >> using vlans.
> >> If I have 20 boxes on a switch, I do not want any of the boxes to know
> >> about each other.
> >>
> >> /teddy
> >>
> >> --
> >> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> >> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> >> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>
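
Added example, not part of the original thread: a toy Python model of a learning switch illustrating the point made in the replies above, that a switch floods frames per Layer-2 segment regardless of IP subnet, while port-based vlans confine the flooding. The MAC addresses, IP addresses in comments, port numbers and VLAN ids are constructed sample values.

```python
# Added illustration: a toy learning switch. MACs, ports and VLAN ids are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"
MAC_A = "02:00:00:00:00:0a"   # server on port 1, e.g. 10.0.1.10/24 (constructed)
MAC_B = "02:00:00:00:00:0b"   # server on port 2, e.g. 10.0.2.10/24 (constructed)


class Switch:
    """Forwards on (VLAN, destination MAC) only; it never looks at IP headers."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)   # port -> VLAN id (port-based VLAN)
        self.mac_table = {}                # (vlan, mac) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is transmitted on."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src_mac)] = in_port          # learn the sender
        known = self.mac_table.get((vlan, dst_mac))
        if dst_mac != BROADCAST and known is not None:
            return [] if known == in_port else [known]
        # Broadcast or unknown unicast: flood, but only inside the ingress VLAN.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def flat_switch(ports=4):
    """Every port in one Layer-2 segment (different IP subnets change nothing)."""
    return Switch({p: 1 for p in range(1, ports + 1)})


def isolated_switch(ports=4):
    """One VLAN per port. A router port reaching every VLAN is not modelled."""
    return Switch({p: p for p in range(1, ports + 1)})


def demo():
    flat, iso = flat_switch(), isolated_switch()
    return {
        "flat_arp_broadcast": flat.receive(1, MAC_A, BROADCAST),
        "flat_unknown_unicast": flat.receive(1, MAC_A, MAC_B),
        "flat_after_learning": (flat.receive(2, MAC_B, MAC_A),
                                flat.receive(1, MAC_A, MAC_B)),
        "vlan_arp_broadcast": iso.receive(1, MAC_A, BROADCAST),
        "vlan_unknown_unicast": iso.receive(1, MAC_A, MAC_B),
    }


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name}: {ports}")
```

On the flat switch the broadcast and the unknown-unicast frame leave on every other port even though the two servers sit in different IP subnets; with one vlan per port neither frame leaves the ingress port.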