View Single Post
Old 14th July 2013
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 429
Default

My configuration is documented (at least partially) here.

dhcpd wasn't that bad, and all of the inter-windows communications must take place via firewall rules on my OpenBSD firewall (quite convenient, IMHO). Since Windows doesn't have to bother with L2 (other than getting traffic to the gateway), I don't have to worry about ARP or any other silliness. My OpenBSD firewall has a fun routing table (ARP table is still the same size it was before, I believe), but other than that the Windows hosts believe they're the only hosts on their physical network. The only real complication is monitoring (iftop -NPi $interface doesn't show ALL NIC traffic (as you'd expect...you have to monitor per-vlan) =)

Pretty neat, since I'd actually lost sleep worrying if my daughter would get her Win7 box infected and that lead to my wife's Win7 box getting infected as well. Now I just need a vlan-capable wireless router (my access point is running dd-wrt (won't run openwrt), but this build of dd-wrt for this exact model has to have ipv6, vlans, and a bunch of other stuff turned off to fit).

Edit: didn't notice jggimi had quoted me with the embedded link to my LQ blog entry outlining this layout. Sorry for the double-link heh.
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.

Last edited by rocket357; 15th July 2013 at 12:18 AM.
Reply With Quote