From owner-freebsd-isp Sun Nov 24 21:26:36 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A558637B404 for ; Sun, 24 Nov 2002 21:26:34 -0800 (PST) Received: from yama.geminisolutions.com (yama.geminisolutions.com [216.57.214.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF78543E4A for ; Sun, 24 Nov 2002 21:26:30 -0800 (PST) (envelope-from michael@staff.openaccess.org) Received: from [10.0.1.3] (0-1pool22-155.nas8.bellevue1.wa.us.da.qwest.net [67.3.22.155]) by yama.geminisolutions.com (8.12.3/8.11.6) with ESMTP id gAP5IJX2047016; Sun, 24 Nov 2002 21:18:19 -0800 (PST) (envelope-from michael@staff.openaccess.org) User-Agent: Microsoft-Entourage/10.0.0.1309 Date: Sun, 24 Nov 2002 21:26:29 -0800 Subject: Re: 150 VLANS?? From: Michael DeMan To: Andrew Thompson , Message-ID: In-Reply-To: <02Nov25.145155nzdt.119050@homer.fire.org.nz> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org We do this with a FreeBSD VLAN trunk and switches, I would definitely not try to do one large LAN. There are too many problems with security, people trying to hack each other's machines, etc. We run 64 VLANs on 486 class gear and have great throughput. Intel (fxp) and (sis) drivers work well since the 802.1q VLAN header is stripped in hardware. On 11/24/02 5:51 PM, "Andrew Thompson" wrote: > Hi, > > > I have been given the task of providing broadband Internet for a new > apartment building. There are about 150 apartments and I am trying to > think of the best way to tackle this one. The one condition is that I > am able to track usage for billing purposes (simple byte count will do). > > The first option that sprung to mind was to just have one big lan with > router, but there are concerns about security. > > My next idea was to buy four cisco 48-port switches and have each port > on a seperate vlan, then create 150 vlan devices on FreeBSD and use ipfw > or ipf to count the bytes on each vlan device. > > Can anyone tell me if this is feasable? or am I doomed to fail? > > > thanks > > Andrew > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > Michael F. DeMan Director of Technology OpenAccess Internet Services 1305 11th St., 3rd Floor Bellingham, WA 98225 Tel 360-647-0785 x204 Fax 360-738-9785 michael@staff.openaccess.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message