[techtalk] Building ADSL - LAN

Amos Hayes ahayes at polkaroo.net
Wed Oct 6 17:37:41 EST 1999


On Wed, 6 Oct 1999, Just This Girl wrote:

> Thank you for the pointer, and I am certain that I might be interested
> in this later, but upon reading the document, I do have IP addresses of
> the public variety that I can assign to each card that I have on my
> network. I do not need to use the private network addresses, and I would
> rather refrain from doing so until I have everything working to avoid
> dealing with another topic at the same time.

The more info, the better the help. :)

Option # 1
----------
If you have multiple public IP addresses that route to/through your ADSL
connection, then you should just be able to hook up an ethernet hub to
your ADSL "modem" and toss all your PCs on it.


Option # 2
----------
A more complicated alternative is to put all your machines "behind" your
Linux box and make it a router. This would then be able to do firewalling
down the road. Have a look at the Linux Networking HOWTO
http://www.linuxdoc.org/HOWTO/NET3-4-HOWTO.html and have a look at the
section on routing. This could get complicated since it will probably
involve subnetting your assigned IP range. Unless you have a couple class
C networks to play with, you probably don't want to get in to this.
Opinions may vary. I'd love to hear them.


Option #3
---------
Even if I had multiple assigned IP addresses, I would go with the IP
Masquerade setup. You can still use those addresses outside: either
aliased to your outside ethernet card (handy for DNS, virtual hosts, etc)
or mapped through to the inside for special purposes (ssh directly to an
inside box) using ip forwarding. Having a private network internally is
not only easier to set up than option #2 above, but also gives you more
flexibility with your external (read valuable) IP addresses. You could
even combine option #1 and option #3 if you wanted to have a few machines
outside (DMZ) and your internal machines inside.

Have a look at the latest version of the IP Masq mini HOWTO. (sorry I
didn't check the version before)

http://members.home.net/ipmasq/ipmasq-HOWTO-1.78.html

Specifically, have a look at section 6.5. You can pretty much copy that to
an rc file (with a few edits for your particular info) and voila,
everything works and is relatively secure. This assumes a box with a
reasonably current distro, a 2.2.x kernel, and two working/configured
ethernet cards.


Anyway, my prefered route is pretty obvious. :) Obviously, it is not the
only one.

--
Amos Hayes
ahayes at polkaroo.net
http://polkaroo.net/~ahayes



************
techtalk at linuxchix.org   http://www.linuxchix.org




More information about the Techtalk mailing list