Need some Configuration advice

Started by fbeye, March 16, 2025, 04:34:45 AM

Quote from: pfry on March 17, 2025, 09:11:58 AM
Quote from: Patrick M. Hausen on March 16, 2025, 08:38:41 PM
@pfry honestly I never understood your bridging setup nor the motivation for it. I avoid layer 2 "tricks" at all costs. Routing is always better than bridging.

It's how many US Internet services are delivered, particularly static IPs over most DOCSIS and fiber. You're either going to use a bridge or some layer 3 tricks (e.g. proxy ARP or NAT). Choose your poison. I have to say, I prefer it over PPPoE.

In the end, if we use Ethernet (or any other IEEE 802 network), we use bridges. I just shift them a step into the firewall.

My old cable setup was a Lucent (Xedia) AP1000 (router/firewall/CBQ shaper) providing shaping and proxy ARP routing to a Juniper (Netscreen) SSG 550. My OPNsense setup is nice by comparison (the need for shaping is kinda gone in these days of multi-Gb Internet links).

Quote: That's why IP was invented.

Heh. Timeline.

Quote: When Ethernet went from a bus to a star topology we should have abandoned broadcast domains and let the switches use IP instead. Even Radia Perlman who invented bridging and spanning tree says so nowadays. Bridging was a mistake. [...]

I'll see your Perlman (actually never read any of her material that I recall) and raise you one Rich Seifert (he used to hang out on comp.dcom.lans.ethernet). But bridging predated common use of IP in business, and practical routing silicon essentially arrived with gigabit Ethernet (some years after 10BASE-T, much less LattisNet). Considering how well Ethernet works, the viewpoint that bridging was a mistake seems a bit odd.

Quote: But you do you 🙂

I think that's the message for fbeye as well. "Practical" is what works for you - once you get there. Well, unless you're a complete nut.


Most all my questions on any forum aren't "can I", but "should I". And even that really stems from a security standpoint. Does my setup, though it works "flawlessly", cause any bottlenecks? Does it expose my LAN to the internet in ways I am not imagining? I totally get it, it's a preference thing; I just wanna make sure I'm not doing it wrong.
I can eat McDonald's every day, my choice. But should I?