[Gllug] A little OT: On the limits of VLANs

general_email at technicalbloke.com
Thu Apr 29 02:48:07 UTC 2010

I've just won a fairly spiffy looking 24 port rackmount layer 2 managed
gigabit switch on eBay for the princely sum of 31 quid! I was as
surprised as the seller is gutted but that's the way of things and it
will be arriving on Friday. Now this is quite a step up from my trusty
yet passive little Tenda 8 port and *may* open up some exciting new

I say may as this whole VLAN thing is a bit new to me and I'm not sure
what can actually be accomplished with them yet...

It looks fairly straightforward to create several VLANs and, as I've
only got one switch, I don't think any of the known VLAN hopping hacks
apply to me. So what I was hoping to do was section off say 8 ports, put
them all on their own VLAN and then make one of my servers a member of
all 8 of those VLANs, the intended effect being that the machines
plugged into those 8 ports can not see each other but can see my server.
Is that something I could do with VLANs? The other scenario I'm
interested in is quite similar, as in none of the machines could see each
other locally except for an internet gateway.

The reason I'm interested in these particular setups is because I repair
(mostly) Windows computers for a living. Naturally many of them come in
riddled with malware and I'd like to be able to attach more than one to
a given network at a time so I can back them up (or restore them after
cleaning) without worrying about the other boxes trying to infect each
other. That can be quite a big problem as it can take several long
vulnerable hours to get a freshly reinstalled box up to date with its
patches. Other times I'd like to get a (potentially) infected machine
online briefly to deregister iTunes or download Malwarebytes etc. Right
now I just have to be careful I only have one booted Windows box plugged
in at a time which can limit my throughput somewhat.

So anyway I had been thinking of throwing multiple LAN cards into my
backup server to get this kind of separation happening but now I wonder
if I could get the same effect with VLANs alone and save myself a few quid?

Here's the manual for this thing...


If not, does anyone want to buy a nice 24 port rackmount switch? Only
£150 or maybe swap for an Intel PRO1000 4 port Gigabit Ethernet PCIe
card ;)
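
The server side of the first layout asked about above (eight ports, one VLAN each, backup server a member of all eight), as an added example that is not part of the original post. It assumes a Linux server with iproute2, parent NIC `eth0`, VLAN IDs 101-108 and constructed 10.x.y.1/24 addressing, none of which come from the post. On the switch, each client port would be an untagged member of its own VLAN and the server port a tagged member of all eight.

```shell
#!/bin/sh
# Added example: server side of the one-VLAN-per-port layout.
# Assumptions (not from the post): parent NIC eth0, VLAN IDs 101-108,
# constructed addressing 10.<vid/256>.<vid%256>.1/24 per VLAN.

# Print (do not run) the commands that create one 802.1Q subinterface
# per quarantine VLAN on the server's single tagged switch port.
vlan_plan() {
    parent=$1 first=$2 count=$3
    last=$((first + count - 1))
    # Valid 802.1Q VLAN IDs are 1-4094.
    if [ "$count" -lt 1 ] || [ "$first" -lt 1 ] || [ "$last" -gt 4094 ]; then
        echo "vlan_plan: VLAN range $first-$last is invalid" >&2
        return 1
    fi
    # This box is the backup server, not a router: if it forwards between
    # the subinterfaces it rejoins what the switch has separated.
    echo "sysctl -w net.ipv4.ip_forward=0"
    vid=$first
    while [ "$vid" -le "$last" ]; do
        dev="$parent.$vid"
        echo "ip link add link $parent name $dev type vlan id $vid"
        # A separate subnet per VLAN, so each client only ever has the server as a neighbour.
        echo "ip addr add 10.$((vid / 256)).$((vid % 256)).1/24 dev $dev"
        echo "ip link set dev $dev up"
        vid=$((vid + 1))
    done
}

# Review the printed plan first; set APPLY=1 (as root) to execute it.
if [ "${APPLY:-0}" = 1 ]; then
    vlan_plan eth0 101 8 | sh -e
fi
```

Services on the server (backup share, DHCP) then bind per subinterface, so a machine on port 3 can reach the server's address in its own VLAN and nothing else.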


