On Thu, 20 Jan 2005 09:48:05 -0500, Kanwar Ranbir Sandhu <m3freak@xxxxxxxxxx> wrote: > On Wed, 2005-19-01 at 17:23 -0500, Leonard Isham wrote: > > Internet > > | > > DSL Modem or Internet Router > > | > > Firewall----Tenant-2 > > | > > Tenant-1 > > > > Firewall each tenant from the other tenants. Give each tenant a > > different RFC 1918 address range. Use a Switch capable of trunking, > > and a Ethernet card capable of trunking in the firewall to allow > > multiple VLANs on one physical connection. > > I actually considered something like this, but what about those tenants > that require a public IP? Wouldn't a separate NIC be required on the > firewall to bridge the connection for each tenant? In that case, PCI > slots would eventually run out (or there may be IRQ conflicts). > On my previous post: "Use a Switch capable of trunking, and a Ethernet card capable of trunking in the firewall to allow multiple VLANs on one physical connection." Thrunking puts multiple VLANs on the same physical Ethernet cable. Each VLAN is a seperate subnet. -- Leonard Isham, CISSP Ostendo non ostento.
