bottom top
nice
This is why I always hard connect each of the virtual machines to a separate port.
Why did I read all of this in TF2 Soldier’s voice
Subnets are not security
tech shitposting
yesss
Honestly, using VLANs is just out of my budget for my home network. Especially since I don’t really have a managed switch to put it all with
Managed switches aren’t too much more than their unmanaged counterparts. More importantly, you’d need a firewall that supports it. Doesn’t do you any good to have VLANs if you don’t have a firewall to enforce traffic between those zones. Getting a firewall is the expensive bit, unless you use an old computer and toss pfSense/OPNsense on it, or you buy a baby SOHO firewall (~$150-$200).
aah thank you I love this meme format so fucking much
I don’t get it x.x
Which part?
Are you confused about VLANs or the meme format?
VLANs are just a way to separate machines on a network, without having to buy all the hardware infrastructure to build a second network. It’s a super useful tool to have, but it makes everything a little more complicated.
The post itself is just a take on the “STOP DOING MATH” meme
A virtual local area network, or VLAN, is a logically defined subset of a computer network that is used to control, from an administrator/system level, which computers are ‘connected’ to others. There can be an unbroken, physical connection between two devices, but they won’t be able to communicate because network hardware is stepping in and segregating the network.
This is good because it can increase security: rather than having your sensitive information on your company network with a password, which can be cracked or stolen, being the only thing controlling access to it, with a VLAN you can limit access to even attempt to use a password to only the parts of your network that actually require it. It also controls traffic and congestion on the network, because some data is ‘broadcast’, effectively addressed “to whom it may concern.” A VLAN places a wall around parts of the network that keeps these broadcasts inside, i.e. splits broadcast domains. Ordinarily, this would require different hardware and physical design, which can increase cost and complexity.
But on the other hand, the physical network structure encouraged by this design is very flat, with all devices physically connected to each other. It is only inside configuration on the network hardware that things are broken up and divided, which means if whoever set it up didn’t document it, you are required to not only figure out where all the cables go, but also how the network systems are controlling the data. It’s also another “thing” that can break. If there were physical segmentation, you could follow a cable and see where it’s gone wrong, and if something were plugged into the wrong port, it would be plugged into the wrong device entirely, and you would just move the connection to the correct device. With a VLAN, you’ll have a switch with dozens of ports, each having its own independent configuration defined on a table, which means it can be plugged into the correct device, but the wrong individual port out of dozens. The configuration could also become corrupt, or be broken by an accidental change or hardware failure, and you would now need to rebuild the table, going through each individual port and configuring which VLAN was supposed to be on it.
aka i don’t either and i need help at my new job 🥲