Home
Main website
Display Sidebar
Hide Ads
Recent Changes
View Source:
NetworkingBestPractices
Edit
PageHistory
Diff
Info
LikePages
!!! Numbering Where possible, the highest valid [IP] in any range should be the default gateway*. So, to set your default gateway, take your broadcast address and subtract one on it, and try that. This is why the default gateway on a <tt>/24</tt> is normally <tt>.254</tt>. __*__ The alternative seems to be the other way around and uses the lowest IP in an address range as the gateway. ie. in a /24 network .1 is the gateway. !!! DHCP Use [DHCP] to allocate [IP]s and configure services such as DNS to clients. Make sure that [IP]s allocated have [ForwardLookup]s and [ReverseLookup]s. !!! Firewalling As much as I hate firewalling, adding firewalling on routers lets you partition your network up to prevent infections in one area from propagating into another. The usual partitioning scheme is to partition the network into internal, [DMZ], and InterNet, but having more partitions can also help. !!! DeMilitarizedZone If you have a network which has a mixture of workstations and publically-accessable servers, consider the use of a [DMZ] to physically separate "external" machines from "internal" ones. In the event that your webserver gets compromised, your accounting server (which should still be an "internal" one) is safe. !!! VirtualPrivateNetwork When providing access to off-site users, such as people working from home, [RoadWarrior]s, or remote branches, use a VPN to provide secure access to your internal servers. When securing wireless networks, it is sensible to completely lock down the wlan so that the only permitted activity is to the VPN server. For wireless users to participate in the network they have to connect via your VPN first. !!! RFC1918 Please please please avoid the use of RFC1918, it breaks so much stuff. Never use it for anything that might ever be visible to the Internet, including a router in the middle of a network. See NetworkingNotes for details on it breaks. ---- Part of CategoryBestPractices
One page links to
NetworkingBestPractices
:
NetworkingNotes