PHX network
Mike McGrath
mmcgrath at fedoraproject.org
Mon Oct 30 13:32:59 UTC 2006
On 10/30/06, Christian Iseli <Christian.Iseli at licr.org> wrote:
> On Sun, 29 Oct 2006 21:01:43 -0600, Dennis Gilmore wrote:
> > 1-35 for Network appliances/devices nas, san, switches, kvms, etc.
> > 36 - 169 for services i.e. xen guests and physical hosts when needed for
> > example ppc builders
> > 164-169 for existing boxes admin interfaces these would most likely be
> > needed for a short term period
> > 170-199 for admin interfaces drac, ALOM, etc
> > 200 is a nat pool ip id like to have it moved to 250
> > 201 - 219 for test systems
> > 220-249 for physical xen hosts
> > 250-254 for gateways to external networks
>
> Wouldn't it be more secure to have the interfaces you put in 1-35 and
> 170-199 in a separate, unrouted network (10.x.x.x) that can only be
> accessed from a couple admin machines having dual ethernet ports ?
>
> That would also leave more room in the /24 net...
>
> It's a bit more trouble to manage two networks, but not that much.
>
I think that was part of the idea that we could do this later on if we
wanted. For now I don't think we need such an architectural change.
-MIke
More information about the Fedora-infrastructure-list
mailing list