On 26.6.20 12:15, R.Wieser wrote:
> Grant,
>
>> Is that "have not (yet)" or "will not (ever)" allow them to communicate
>> with each other?
>
> I think this is one of the few instances where a single "yes" is
> appropriate. :-)
>
> I have not ever, nor do I intend to have them ever communicate with each
> other over ethernet.
>
>> I'm guessing that the computers currently can't communicate with each
>> other via TCP/IP (et al.).
>
> Correct.
>
>> But are you willing to (re)configure things so that they can communicate
>> with each other via TCP/IP? Or do you want to forbid that?
>
> Nope and yes. Thats why I placed them on their own subnets.
>
>> What precisely does "communicate" mean in this context? - Does storing a
>> file in an intermediary location for the far end system to pick up count
>> as "communication"? Or are you specifically referring to something like
>> end-to-end TCP/IP connections?
>
> [quote=me]
> For that I could imagine a kind of "post office" solution, where 'puters on
> both subnets can leave messages for each other and ofcourse read each others
> replies, but never directly talk to each other. (both 'puters connect to a
> known port on the RPi).
> [/quote]
>
>> I ask these questions because I've had client's have different answers and
>> they effect the solution(s).
>
> I think the above quote answers it. :-)
>
>>> The first problem would be that I would need to add another (or more)
>>> ethernet connection (so the 'puters on one subnet cannot reach 'puters on
>>> the other one).
>>
>> Now it sounds like you might be willing to allow end-to-end TCP/IP
>> connections.
>
> Nope. I thought about that, but consider it to be too dangerous - unless I
> would only allow only a very small range of ports thru, with zero
> firewall-intelligence (opening other ports when the "inside" 'puter asks for
> it). But that would mean I would need to be very sure that no port in the
> allowed range would be used by any of the 'puters default, or later
> installed programs/services. As I can't be I decided that the "postoffice"
> way of handling stuff would be best.
>
>>> (at a usable speed) ?
>>
>> It depends what you consider to be a usable speed.
>
> I have been considering hooking up two 'puters thru a classic RS232
> connection (DB9 connectors). Alas, even on their highest speeds, 128000
> bps, it islaughably slow in comparision to a LAN connection.
>
>> I know exactly what I would use if I wanted computers on different
>> networks to exchange messages / files / commands with each other without
>> being able to establish end-to-end connections between them.
>>
>> I'd use UUCP over SSH. (You can use UUCP over TCP or serial too.)
>
> I don't know anything about UUCP, and have to look into it.
>
> Though the programs are less of a problem. I enjoy programming, and have no
> problem with trying my hand at writing stuff for both the (Windows) 'puters
> as well as the RPi (even though I'm a very much a novice on the latter).
>
> The biggest issue is if the RPi allows for electrically & programmatically
> seperated ethernet connections, and allows me adress the ethernet interfaces
> seperatily.
I already answered for that:
- get a virtual LAN capable switch
- separate the switch ports to three groups:
-- one port for RPi,
-- one group for net A, assign VLAN number a to it
-- one group for net B, assign VLAN number b to it
- configure the Pi port to be trunk member of VLANs a and b
- access net A from Pi with eth0.a (substituting the VLAN number)
- access net B from Pi with eth0.b (substituting the VLAN number)
A 5 port switch like gs1200-5 makes thus Pi see up to four separate
Ethernet connections. As an example:
Configure port 1 to VLAN 10 with port ingress ID 10,
configure port 2 to VLAN 20 with port ingress ID 20,
configure port 3 to VLAN 30 with port ingress ID 30,
configure port 4 to VLAN 40 with port ingress ID 40,
configure port 5 a trunk member of VLANs 1, 10, 20, 30 and 40
Connect Pi to port 5, and set up interfaces
eth0.10, eth0.20, eth0.30 and eth0.40
You can use the VLAN interfaces as separate Ethernets at the Pi.
If IP forwarding or bridging is not set up, the virtual ethernets
do not see each other.
Note: A 'port' in switch parlance is a connector at the switch
and the associated electronics. It has nothing to do with TCP
and UDP ports.
--
-TV
--
-TV
--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)
|