[geeks] Rant: Network "Industry Leaders" That Don't.

Kris Kirby kris at catonic.net
Wed May 1 20:36:03 CDT 2002


On Wed, 1 May 2002, Jonathan C. Patschke wrote:
> That'd be great, except that $ISP is only handing us one IP address over
> that link, with no provisions to add more--not at any cost the agency is
> willing to put up with, anyway.

Is it their link? Or is the AP on your side owned by you?

If you can get them to pop the AP back to bridge mode, your troubles are
over.

And you're really missing the point. I used to do WISP for a living. APs
can be programmed to function as routers (AP's IP is #; your IP is this
one and the gateway is this one.) or bridges. In bridge mode, it will pass
*any* ethernet traffic. And as such, you only need to set the PC router to
the IP on your side of the wireless run and set the gateway to their side.

> That's what's so screwed-up about all this.  One side needs one IP address
> because the RS/6000 (VIAS) "needs" telnet open[1] to the public so
> $softwareVendor can do maintenance, but nothing else.  That side has a
> /24.  The other side (which is where all the stations and printers are)
> has one IP address and an Orinoco that doesn't comprehend anything that's
> outside of one hop away.

We ran turbocell over Orinoco. There are some interesting things about
getting a Lucent card to go promiscuous. But I do believe the AP1000 will
do bridge mode. Shoot me the name of the ISP (erm, privately) and I'll see
if they are on isp-wireless and ask them a few questions.

> Yes, but your method would require purchasing managed Ethernet switches.
> The cable-mess still needs to be fixed, and I think that we could convince
> them to pay for two more fibre drops than for two managed switches.  In
> fact, we've suggested upgrading the hubs to something decent, and that was
> shot down.  They also needed this up and running Today.

You could do it with two PCs. Pentiums even.

> No doubt that your solution is making better use of the infrastructure
> at-hand (no way are they going to use -all- that 100MB/s connection), but
> the people holding the checkbook are low-ballers.  They'd probably all
> still be using dumb terminals if they didn't need access to email or were
> allowed to run PINE on the RS/6000.

> [1] I also neglected to mention the utter idiocy of the software folks
>     managing the RS/6000.  They don't believe in TCP-wrappers.

Point out what a gaping hole that is and explain that *any* ev1l haxX0r
could do them major damage. And since they are $gov, explain the headline
to them as it would read in the paper.

And if $ISP is unwilling to reprogram the AP... good fucking luck. :-)

--
Kris Kirby, KE4AHR          | TGIFreeBSD... 'Nuff said.
<kris at nospam.catonic.net>   | IM: KrisBSD | HSV, AL.
-------------------------------------------------------
"Fate, it seems, is not without a sense of irony."


