Tony Crouch wrote: > Hi All, > Seeing as though this query is not 100% Fedora related it may be better > if someone is able to help me with this query if they reply to me > personally off-list. > > On reading the post made recently by Thom, it got me thinking ... > > At the school I work out we have a setup where we have 2 computer > laboratories (primary-lab & secondary-lab -- each lab contains about 40 > machines) and a rather large number of computers scattered throughout > classrooms. > > Everything runs from a DHCP router which supplies each machine with its > required network details. > > The machines scattered throughout the school (non-lab machines) has the > following details: > > IP-Address: 10.10.?.* -- ? starts at 2 > subnet-mask: 255.255.0.0 > > The machines in the computer labs have the following details > > IP-Address: 10.10.2.* > subnet-mask: 255.255.255.0 > > The discretion of whether a machine receives the B or C-class subnet > mask is based on MAC addresses. > > What has confused in the fact these two networks can talk to one > another. Is it because the admin has freed up the firewall between the > two, but I can't really see the point of specifying two seperate masks > and then opening up the firewall to additional traffic. > > Was wondering if someone might be able to shed some light into either > why this happens (or shouldn't happen :P ) in the world of networking. > > Thanks for your help. > > All the best. > > Cheers, > Tony Crouch > If each network is on a separate physical LAN segment, you could use the router to block traffic between the two segments. (This is probably not the default configuration.) If they share the same physical LAN, then the only way is to firewall each machine. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Description: OpenPGP digital signature