two simultaneous gateways
hello
I am managing a server at my dorms and I want to accomplish something a little weird:
I want to solve two issues:
1. I have a problem with IP and MAC spoofing. How can I combat this?
2. I want a special configuration
I have a server with the following configuration and services:
a) three netcards:
- eth0 - internal network of the dorms
- eth1 - some cable uplink to internet (slow)
- eth2 - connection with other dorms and some other server that does snat and has a transparent proxy with larger bandwidth than the one on eth1
b) running squid transparently
c) default gateway is through eth1 to some server
d) I have three categories of users:
- non privileged - all internet traffic should go through eth1
- normal - http traffic should go through the fast connection (passed to the other server)
- high privilege - all internet trafic should go through the fast connection (eth2)
I have thought of 2 solutions for the second problem but none of them seems satisfactory...
I) use a second squid cache on my server with my local and the fast server as parents (offers authentication, but high privilege is not solved)
II) run a server in vmware on my server that has gateway the fast server; the privileged users get the virtual server as their gateway through dhcp, but I can fall into the MAC/IP spoofing trap and I am not so sure about the speed
|
