Subj : Re: Network setup To : Frank Reid From : Ben Carpenter Date : Mon Nov 04 2002 04:56 pm -=> Quoting Frank Reid to ALL <=- BC> Could some one give me some pointers and setting up or rearranging a BC> network. BC> BC> I have several computers on a network and a router connected to a DSL BC> connection. Every thing is working fine, but I want to divide the BC> computers in to 3 different work groups that all can connect to the DSL BC> internet connection but can not see or communicate with computers in an BC> other work group. BC> BC> Does this require special hardware or is it a software function or BC> both? Please give some details if you can. FR> How "rigid" are the security constraints among the three networks? If FR> you truly do not want to allow any traffic shared among different FR> networks, the only solution is to add a router (or firewall) with FR> multiple interfaces, so you can block traffic. FR> If it's purely esthetic, e.g. so the kids can't see your Network FR> Neighborhood resources from their computers, you might be able to Frank There you have hit the nail on the head. It is not kids but grandkids and even myself and my wife when we are not on the business machines, so we do not do something we do not intend to do. (see message to Mark Lewis with details) FR> subnet the IP network used by your router. Typical DSL/cable routers FR> use the non-routable (private) IP address space 192.168.0.0/24 FR> (192.168.0.0 - 192.168.0.255, with a netmask 255.255.255.0 or standard FR> Class "C" subnetting). Without modifying the router configuration, you FR> can "chunk" that network up into four 64 host blocks on the FR> workstations, each using a subnet mask of 255.255.255.192, as follows: FR> Workgroup1 192.168.0.2 - 192.168.0.62 FR> Workgroup2 192.168.0.66 - 192.168.0.126 FR> Workgroup3 192.168.0.130 - 192.168.0.190 FR> Workgroup4 192.168.0.194 - 192.168.0.254 FR> I've omitted the network and broadcast addresses in each range, so FR> these should be the usable addresses for the workstations. This is I am a little dense. Explain the network and broadcast addresses. Also explain the subnet mask and how that affects the addresses. I have only used the 255.255.255.0 on all workstations. FR> untested, and there are two questions I have in advance. First, FR> because you can only populate a single address on the router FR> (192.168.0.1), will the workstations be able to find the default FR> gateway at 192.168.0.1 from the three higher subnets? Second, because FR> Windows network is pretty pervasive unless RPC activity is blocked, My local network is setup as 192.168.2.x and am using subnet mask 255.255.255.0 as stated above. I now have one machine at 192.168.2.155 and it sees the gateway at 192.168.2.1. FR> will the workstations still be able to "see" each other across the FR> subnet boundaries. FR> The real solution is a multiple interface hardware router or firewall, FR> but I'd be curious of your results if you give this a try. With a little more input from you and given a few days to get the time I am going to give this a try before investing in more hardware. .... Ben .... Remember, the paper is always strongest at the perforations. --- Blue Wave/DOS v2.30 * Origin: COMM Port OS/2 juge.com 204.89.247.1 (281) 980-9671 (1:106/2000) .