Splitting an ISP allocated range to multiple networks with a single public IP each (Layer 3 Switch)


Recommended Posts

Yeah, totally understand the loss of addresses.  I am assuming here the tenants need public static addresses, no dhcp and public address are not routed, just hanging off the isp's router. I am leaving out the organization firewall here for simplicity.  

 

Here we have 3 tenants all in the same public subnet.  Can you put in an ACL or something on a switch to say, Tenant A, you can only assign this address (63.210.162.151) on your router and if you try to configure an ip address of Tenant B/C it will be prevented.  Then two ACL's on each tenant switchport to say, Allow access to the gateway 63.210.162.150/24 and deny all other traffic to other tenant's in that subnet. Basically, just trying to segregate the tenants using the /24 just as if you gave them small individual subnets, but you would be saving the ip's because you didn't have to subnet the /24 for each tenant.  Hope I am making sense here.

 

 

 

 

 

 

 

 

net.GIF

Why can you not do it via dhcp? 

 

You can not keep someone from fat fingering an IP when its static.  I have been doing this for years and years, and many a setup where given a few IPs out of block and never had any issues with dup Ips..  If someone fat fingers there IP and it steps on mine, they are are not going to work..  So they should figure it out very quickly that they have the wrong IP, etc.

 

But in your example I would hand out those IPs via dhcp.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • I don't know, I haven't checked what changed in previous sockets. I agree that the 1156-1155-1151 succession was suspicious, with a reduction in pin count every time. Intel could do a better job of pre-allocating pins for future use. Another hypothesis is that the internal layout of their CPUs change, like the I/O is moved from one place to another on the chip, and they need to reorganize pins rather than having circuitry go into spaghetti mode to remain compatible. I agree that if AMD is able to maintain compatibility, Intel should be able to do the same, at least by reserving pins for future use and then using those pins when a need for them arises. However, I wouldn't say that AMD's products are entirely better. Intel's I/O now slightly edges out thanks to having double the bandwidth to the chipset and dedicated Thunderbolt lanes to the CPU. It seems that they could widen their lead with the next platform. NVMe SSDs have increased the need for PCIe lanes significantly, and AM5 has been pretty underwhelming in that regard, especially because the chipset connection is so narrow and gets saturated with just 1 gen 4 SSD, leaving the other chipset connectivity (Ethernet, Wi-Fi, audio, etc) to hope for any remaining bandwidth. Otherwise motherboard manufacturers could also make more x2 M.2 slots, those would be fast enough at gen 5 speeds and possibly at gen 4 speeds too.
    • Exactly, the E-cores actually give you good performance for what they offer, it's no surprise that Intel is doubling down on more E-cores instead of more P-cores. The LP-cores are good for when you're system is just sitting there idle and waiting to be used. Every core has it's place tbh, it's just up to Intel to and MS to work to get the scheduler right.
  • Recent Achievements

    • Week One Done
      korostelev earned a badge
      Week One Done
    • Week One Done
      rozermack875 earned a badge
      Week One Done
    • Week One Done
      oneworldtechnologies earned a badge
      Week One Done
    • Veteran
      matthiew went up a rank
      Veteran
    • Enthusiast
      Motoman26 went up a rank
      Enthusiast
  • Popular Contributors

    1. 1
      +primortal
      675
    2. 2
      ATLien_0
      264
    3. 3
      Michael Scrip
      184
    4. 4
      +FloatingFatMan
      177
    5. 5
      Steven P.
      140
  • Tell a friend

    Love Neowin? Tell a friend!