Hacker News Re-Imagined

Ask HN: What's a simple setup for creating an offline LAN?

I'm looking to have a LAN that has some storage and IOT devices connected to each other but can't access the internet (or vice versa). Is there a simple way to do this while still having my computer connect to my internet connection?

  • 7 points
  • 13 days ago

  • @lancesells
  • Created a post

Ask HN: What's a simple setup for creating an offline LAN?


@codevark 13 days

Replying to @lancesells 🎙

Add a 2nd eth port to your computer, attach a switch/router that the offline devices connect to, using same class C network the 2nd port uses (different from the one on 1st port that connects to broadband router/network). Unless you bridge your ports, the other devices can talk to you and each other, but not the internet. Semi-educated guess :)

Reply


@simne 13 days

Replying to @lancesells 🎙

There are lot of approaches, how to do this. For me simplest solution, to use computer with opensource unix as gateway, with 3 lan cards.

- 1 connect to internet, with real ip; - 2 connect to first lan, with grey ip numbers (192.168. , 172. ), which have nat; - 3 connect to second lan, other grey ip network, which NOT have nat, and all packets going from it to 0/0 silently dropped by firewall.

All nets use dhcp, and have dns and ntpd for convenience, because it is much easier to change few tables at gateway, than change properties of all devices, when happen some difficulty.

Example of difficulty, I few times had troubles with my home lan, because my provider use grey ips in their network and my home net addresses conflicts with providers. So I changed networks of my home lan for some range which is not used by my provider.

BTW, this is really big trouble for some cheap hardware routers, because they have limited IP functionality, and for example one of my own such device only work with 192.168. grey ip range, they don't added 172. network range.

Reply


@h2odragon 13 days

Replying to @lancesells 🎙

I'd suggest an isolated LAN (network switch and all) for the interior stuff, with your system hooked to that LAN as well as your normal, internet connected one.

The isolated network should have its own root DNS server that returns "no" for all queries outside that LAN: that'll save a lot of time and misery with DNS timeouts.

Reply


@whoomp12342 13 days

Replying to @lancesells 🎙

step 1) mass email announcing lan party

step 2) sit back while everyone sets it up

step 3(optional)) provide mountain dews baby

step 4) have a lan party

step 5) realize that OP asked about an offline lan, not an office lan.

Reply


@icedchai 13 days

Replying to @lancesells 🎙

I have a "storage" network that uses a separate VLAN. If you don't have a VLAN capable switch you could just get a second switch and dedicate it to that purpose, then add a second NIC to your system.

Reply


@jaskyle 13 days

Replying to @lancesells 🎙



@nobody9999 13 days

Replying to @lancesells 🎙



@ratg13 13 days

Replying to @lancesells 🎙

Is your goal isolation or just having the devices not access the internet?

If your goal is only to prevent them from accessing the internet, the simplest solution is to hardcode the IP addresses on your devices, but leave the gateway settings blank (or use a dummy address if needed)

Reply


About Us

site design / logo © 2022 Box Piper