From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QQf8N-0004Pd-Nr for garchives@archives.gentoo.org; Sun, 29 May 2011 12:30:20 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A39E71C019; Sun, 29 May 2011 12:28:54 +0000 (UTC) Received: from mail-bw0-f53.google.com (mail-bw0-f53.google.com [209.85.214.53]) by pigeon.gentoo.org (Postfix) with ESMTP id 51DE31C019 for ; Sun, 29 May 2011 12:28:53 +0000 (UTC) Received: by bwg12 with SMTP id 12so3205683bwg.40 for ; Sun, 29 May 2011 05:28:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:from:to:subject:date:message-id:user-agent :in-reply-to:references:mime-version:content-transfer-encoding :content-type; bh=ddoHi0icmEe/W+Tonmb4hEsvUt0adodbd1dZFnO7KEI=; b=sjSy2khvsINQbapTKcn7kTVAiqetsT/dSgyDMT1v7KZT6HxaEJemvZdIEQo4P/zotT stgz2pRCOP6BEnLybj3DqaY0fMRK3RsurdWBXp+h+eQKT6BlSJDSw+cO20YvU6pa4kYJ rKKw0rlaiuJQ8wThNIE+yROs1Y3e03dUiqeDQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=from:to:subject:date:message-id:user-agent:in-reply-to:references :mime-version:content-transfer-encoding:content-type; b=gZn93PFczeQrmzEkk8r3pxbAVNuVOW5SoKH0uiva6gIfoWE6Fo399PMW9ts1XL6ktJ hk9Tgi9ZVEUkEH8NaCfaSEIFxMhCiiGznh9o3NaV0bqz27QnT75CwMODqLQyrSHuOyl3 SOEOAUJ7objd2XAJFLPCK1LuJFaZo6U6tWw48= Received: by 10.204.81.196 with SMTP id y4mr3349326bkk.111.1306672133416; Sun, 29 May 2011 05:28:53 -0700 (PDT) Received: from localhost.localnet (p4FC7533A.dip0.t-ipconnect.de [79.199.83.58]) by mx.google.com with ESMTPS id x6sm2650573bkv.12.2011.05.29.05.28.51 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 29 May 2011 05:28:52 -0700 (PDT) From: Volker Armin Hemmann To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [OT - More Router Advice] Cheap Router with decent/reliable VLAN support Date: Sun, 29 May 2011 14:28:48 +0200 Message-ID: <2426390.BsS6EyTPdm@localhost> User-Agent: KMail/4.6 rc1 (Linux/2.6.38.6r4; KDE/4.6.3; x86_64; ; ) In-Reply-To: <4DE12C71.3020706@libertytrek.org> References: <4DE12C71.3020706@libertytrek.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Archives-Salt: X-Archives-Hash: e28744d4c0372ef1503cb8d19be9c135 On Saturday 28 May 2011 13:10:09 Tanstaafl wrote: > After seeing an older thread asking about a router, I figured I'd ask my > own question... > > I'm looking for a cheap but reliable router that has decent and SIMPLE > way to add VLANs (I'm not a CISCO guy and don't want to have to become > one)... > > Specifically, I want to have one VLAN that my wireless access points are > plugged into, to provide ONLY internet access, and then a separate VLAN > for my internal network... > > This is to protect my internal net from any potentially infected > machines that are on the wireless access points (I routinely work on > infected computers for friends/family, so, I need internet access, but > want them isolated from my internal network). > > Anyone? Will one of the FLOSS builds for the cheap Cable/DSL routers > support VLANs on the different built-in router ports (ie, Tomato, DD-WRT > or OpenWRT)? > > Looking forward to any suggestions/ideas... so - why don't you get a router that ONLY does the routing and a nice good switch where you can tag the vlans? Because if someone takes over your router it does not matter that you have different vlans, they can access everything. But if the router is on a different vlan than the internal network, they have to take over the switch - which will be in a vlan inaccessible from any active device - to get into the other vlans.