I'm looking to have a LAN that has some storage and IOT devices connected to each other but can't access the internet (or vice versa). Is there a simple way to do this while still having my computer connect to my internet connection?
Add a 2nd eth port to your computer, attach a switch/router that the offline devices connect to, using same class C network the 2nd port uses (different from the one on 1st port that connects to broadband router/network). Unless you bridge your ports, the other devices can talk to you and each other, but not the internet. Semi-educated guess :)Reply
There are lot of approaches, how to do this. For me simplest solution, to use computer with opensource unix as gateway, with 3 lan cards.
- 1 connect to internet, with real ip; - 2 connect to first lan, with grey ip numbers (192.168. , 172. ), which have nat; - 3 connect to second lan, other grey ip network, which NOT have nat, and all packets going from it to 0/0 silently dropped by firewall.
All nets use dhcp, and have dns and ntpd for convenience, because it is much easier to change few tables at gateway, than change properties of all devices, when happen some difficulty.
Example of difficulty, I few times had troubles with my home lan, because my provider use grey ips in their network and my home net addresses conflicts with providers. So I changed networks of my home lan for some range which is not used by my provider.
BTW, this is really big trouble for some cheap hardware routers, because they have limited IP functionality, and for example one of my own such device only work with 192.168. grey ip range, they don't added 172. network range.Reply
I'd suggest an isolated LAN (network switch and all) for the interior stuff, with your system hooked to that LAN as well as your normal, internet connected one.
The isolated network should have its own root DNS server that returns "no" for all queries outside that LAN: that'll save a lot of time and misery with DNS timeouts.Reply
step 1) mass email announcing lan party
step 2) sit back while everyone sets it up
step 3(optional)) provide mountain dews baby
step 4) have a lan party
step 5) realize that OP asked about an offline lan, not an office lan.Reply
I have a "storage" network that uses a separate VLAN. If you don't have a VLAN capable switch you could just get a second switch and dedicate it to that purpose, then add a second NIC to your system.Reply
Here's a good walkthrough: https://www.wikihow.com/Create-a-Local-Area-Network-(LAN)Reply
Asked and answered, counselor.Reply
Is your goal isolation or just having the devices not access the internet?
If your goal is only to prevent them from accessing the internet, the simplest solution is to hardcode the IP addresses on your devices, but leave the gateway settings blank (or use a dummy address if needed)Reply