- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: ProCurve 2650 for classic housing environment
Switches, Hubs, and Modems
1753394
Members
7291
Online
108792
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-16-2005 11:28 AM
тАО01-16-2005 11:28 AM
ProCurve 2650 for classic housing environment
Hi all,
we are currently planing on a small "classic" housing location. Therefore we are thinking about the typical security problems e.g. ARP/Mac-Spoofing, DHCP-Server, IP allocation..
The ProCurve 2600 series sounds really interesting for our intention, but there are still unanswered questions to me:
- usually, up to 4 IP Addresses will be assigned to one server. They are taken from a /24 subnet. Is it possible with the 2600 series switches to put each network port in it's own vlan with routing capabilities between all ports? There is one uplink for all ports and no layer3 device on the next level - especially no 802.1q cabable device
- is it possible to have only one dhcp server running for all ports without worrying about a possibly running dhcpd from a customer? I guess this will work with vlans but maybe there is another solution
- is there a really good way to make sure, that customer A on Port1 only uses those 4 IPs he was given from us? Since the switch is a Layer3 Device I hope there is a built-in solution
Thanks for your answers in advance!
Regards,
Nico
we are currently planing on a small "classic" housing location. Therefore we are thinking about the typical security problems e.g. ARP/Mac-Spoofing, DHCP-Server, IP allocation..
The ProCurve 2600 series sounds really interesting for our intention, but there are still unanswered questions to me:
- usually, up to 4 IP Addresses will be assigned to one server. They are taken from a /24 subnet. Is it possible with the 2600 series switches to put each network port in it's own vlan with routing capabilities between all ports? There is one uplink for all ports and no layer3 device on the next level - especially no 802.1q cabable device
- is it possible to have only one dhcp server running for all ports without worrying about a possibly running dhcpd from a customer? I guess this will work with vlans but maybe there is another solution
- is there a really good way to make sure, that customer A on Port1 only uses those 4 IPs he was given from us? Since the switch is a Layer3 Device I hope there is a built-in solution
Thanks for your answers in advance!
Regards,
Nico
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2005 01:25 AM
тАО01-18-2005 01:25 AM
Re: ProCurve 2650 for classic housing environment
Does nobody of you know an answer? How do you solve the arp-spoofing problem? How do you make sure, that no other server with a running dhcpd interferes your network?
Regards,
Nico
Regards,
Nico
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-18-2005 11:56 PM
тАО01-18-2005 11:56 PM
Re: ProCurve 2650 for classic housing environment
Hi,
I am not sure this is what you are looking for....
To ensure that the individual ports only recives traffic from the uplink and not from each other there is a feature called source port filtering that is a feature that are easily used in hotel or apartment buildings to make sure that no traffic goes from one customer to another.
Cheers
Victor
I am not sure this is what you are looking for....
To ensure that the individual ports only recives traffic from the uplink and not from each other there is a feature called source port filtering that is a feature that are easily used in hotel or apartment buildings to make sure that no traffic goes from one customer to another.
Cheers
Victor
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2005 02:43 AM
тАО01-19-2005 02:43 AM
Re: ProCurve 2650 for classic housing environment
Hi,
thanks for your answer. Actually I want Customer A to be able to communicate with Customer B. But I'd prefer a different solution than using arpwatch to make sure nobody is trying to catch foreign traffic.
Let's for example say I have a /24 subnet, e.g. 192.168.0.0/24. I have 3 customers on a 2600 series switch, each with 4 IP-addresses like that:
- Customer A: 192.168.0.1 to 192.168.0.4
- Customer B: 192.168.0.5 to 192.168.0.8
- Customer C: 192.168.0.9 to 192.168.0.12
They are using Port1, 2 and 3. Port 25 is my Uplink port. Each port from 1 to 24 has it's own vlan. In this setup, Customer A would not be able to communicate with Customer B, not even through the uplink. I am not even sure if this setup works if I do not have a 802.1q capable device where my uplink is connected to. I hope some of you may help.
Thanks & regards,
Nico
thanks for your answer. Actually I want Customer A to be able to communicate with Customer B. But I'd prefer a different solution than using arpwatch to make sure nobody is trying to catch foreign traffic.
Let's for example say I have a /24 subnet, e.g. 192.168.0.0/24. I have 3 customers on a 2600 series switch, each with 4 IP-addresses like that:
- Customer A: 192.168.0.1 to 192.168.0.4
- Customer B: 192.168.0.5 to 192.168.0.8
- Customer C: 192.168.0.9 to 192.168.0.12
They are using Port1, 2 and 3. Port 25 is my Uplink port. Each port from 1 to 24 has it's own vlan. In this setup, Customer A would not be able to communicate with Customer B, not even through the uplink. I am not even sure if this setup works if I do not have a 802.1q capable device where my uplink is connected to. I hope some of you may help.
Thanks & regards,
Nico
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP