split a network
Antony Stone
Antony@Soft-Solutions.co.uk
Thu, 19 Jul 2001 13:45:12 +0100
On 19 Jul 01 at 13:21, MANUEL GARCIA-CERVIGON wrote:
> Hello,
> Right now, I we have a Firewall to prevent hacking from my network wich =
has
> servers and pc with private IP=B4s.(168.0.1.X) I would like to create a =
DMZ
> without changing any IP. Does anyone Know how to split my actual Network
> into a DMZ and a MZ?
What range of X are your current machines using ?
If everything's currently between 1 and 127, for example, you could split =
the
network into two "half class C's" with a netmask of 255.255.255.128 instea=
d
of the usual 255.255.255.0
If currently-used addresses exist both below and above 128, you'd need to =
do
something a bit more complicated like having three network ranges using a
netmask of 255.255.255.192 on the same cable segment (they can communicate=
with each through the the single firewall interface) and the other
255.255.255.192 network (64 addresses) as your DMZ...
Hope this helps,
Antony.