packet mangling and routing

Andrew McNabb amcnabb at mcnabbs.org
Tue Oct 16 09:49:02 MDT 2007


On Tue, Oct 16, 2007 at 08:58:59AM -0600, Michael L Torrie wrote:
> 
> If I was designing the BYU network, I would have made public address
> translate to private addresses, and split the DNS.  That way the world
> would see servers on the 128.187. addresses, but the same servers from
> within the byu network would see the 10.x addresses.  That makes routing
> a lot more sane.
> 

That's the way we did it in the CS Department, and although it works
pretty well, it's still a headache.

If I were designing the BYU network, I would give everything 128.187
addresses, and I would use a novel tool called a firewall to limit
outside access to private machines.  I guess that makes me a heretic.

-- 
Andrew McNabb
http://www.mcnabbs.org/andrew/
PGP Fingerprint: 8A17 B57C 6879 1863 DE55  8012 AB4D 6098 8826 6868



More information about the PLUG mailing list