From mboxrd@z Thu Jan 1 00:00:00 1970 From: "R. W. Rodolico" To: development@lists.ipfire.org Subject: Re: Multiple green networks Date: Mon, 09 Sep 2013 21:32:13 -0500 Message-ID: In-Reply-To: <1378287730.21541.70.camel@rice-oxley.tremer.info> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7807892162288171281==" List-Id: --===============7807892162288171281== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit I agree that for most small businesses and individuals, having multiple green networks is not necessary. I came up with the idea when comparing IPFire to some other small/medium business routers like the Juniper. With them, you just have a bunch of ports, and you set up one or more ports to be LAN and one or more to be 'net, and one or more to be DMZ. I was wondering how difficult it would be for IPFire, and it sounds like it would be very difficult. Question: We already have this partially. I could create a blue and a green, then set up rules between them. Correct? In many locations, they don't use the blue interface. It seems if I set up Blue to automatically allow connection (like the green does), ie find the code that restricts access to the blue network unless specifically given, then remove that, it would in essence be another green. Am I wrong? Anyway, like I said, I was just thinking. I had to work with some Juniper routers the other day and was intrigued by the idea. Rod On 09/04/2013 04:42 AM, Michael Tremer wrote: > Hey, > > sorry that I reply that late... > > Extending IPFire to manage more LAN interfaces than just BLUE and GREEN > is pretty hard to do if you want to use features like the DHCP server, > DNS proxy and so on... > > In most of the cases, people don't need multiple separate LAN segments. > > So, the answer to your question is no, unless you want to do a lot of > configuration on your own. > > -Michael > > On Wed, 2013-08-28 at 12:06 -0500, R. W. Rodolico wrote: >> Does anyone know if we have the ability to run multiple green networks >> on a router? I have a current situation where I need two LAN's I would >> like to run off the same router. They should have no connections between >> them (unless I set up a firewall rule). >> >> Is this possible? >> >> Oh, is this even the correct list to send this question to. > > Support questions can also be posted on the forums, where more people > are around and will reply much quicker. > >> >> Rod >> _______________________________________________ >> Development mailing list >> Development(a)lists.ipfire.org >> http://lists.ipfire.org/mailman/listinfo/development > > _______________________________________________ > Development mailing list > Development(a)lists.ipfire.org > http://lists.ipfire.org/mailman/listinfo/development > -- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170 --===============7807892162288171281== Content-Type: text/x-vcard Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rodo.vcf" MIME-Version: 1.0 YmVnaW46dmNhcmQKZm46Ui4gVy4gUm9kb2xpY28KbjpSb2RvbGljbztSLiBXLgpvcmc6RGFpbHkg RGF0YSwgSW5jLgphZHI6OztQT0IgMTQwNDY1O0RhbGxhcztUWDs3NTIxNC0wNDY1O1VTCmVtYWls O2ludGVybmV0OnJvZG9AZGFpbHlkYXRhLm5ldAp0aXRsZTpQcmVzaWRlbnQKdGVsO3dvcms6MjE0 LjgyNy4yMTcwCnVybDpodHRwOi8vd3d3LmRhaWx5ZGF0YS5uZXQKdmVyc2lvbjoyLjEKZW5kOnZj YXJkCgo= --===============7807892162288171281==--