Bill Moseley wrote:
At 12:39 PM 04/15/00 -0500, Ben Rosenberg wrote:
Yep, I have DSL in St. Louis from Southwestern Bell w/ 5 static ips...and it is bridged as well. If you want routed DSL try exodus.net which I hear is very good.
Ok, I asked the original 5 IP question. But I haven't groked it completely yet, sorry.
I'm not clear on what you mean by bridge. Let me explain my current home network and maybe some kind person could show me how things would changes under a 5 static IP DSL setup:
A bridge is similar to a router, but has two major differences: 1. A bridge forwards by looking at MAC addresses, a router forwards by IPs. 2. A bridge forwards broadcast packets, while a router does not.
I have three machines right now (I'll sell the extra two IP numbers to my neighbors... ;)
Currently:
192.168.0.1: has modem that dials up my ISP. Also running a primary master DNS server (Nothing delegates to that DNS of course, although I have it pretend like it's the master for my domain). This machine is running dial on demand.
192.168.0.98 & .99 - one SuSE the other Win98. Both have the default gateway set as the .1 box. The SuSE box is running a slave DNS (off the .1 box), and the Win98 box has both the .1 and .99 box as its DNS servers.
So, do I connect the DSL 'modem' onto my network (just as if I was adding another computer to the LAN), and then that machine becomes my new gateway, as I think Greg described it? (But then I wonder about a firewall setup.)
It is possible to connect a router directly onto your hub, but this is *not* advisable, from a security point of view. The best and easiest way is to install a second network card in one of the servers (or in another old machine), and connect the router/bridge to that. The machine with two network cards would then be the firewall machine. Finally, you just need to do some juggling with the routing tables and ipchains to get it all working.
What would people recommend about DNS? Should I run my own primary DNS, or should I pay the ISP (PacBell in my case here in California) to handle the DNS. Seems like I should do it, but that it would be a bad idea to also handle the secondary DNS on the same set of five IP numbers as I'd be out of luck if my DNS connection went down. Probably better to try to find a friendly person that would act as a secondary DNS (and also secondary for mail).
I can't really suggest anything about you DNS situation, but if you do your own DNS, it is a *very* good idea to have a friend do your secondary.
Then I wonder if I could get Pacbell to delegate reverse DNS to my machine, too. Aren't there some servers that will block me if my reverse DNS doesn't match my DNS?
About that firewall: I've had some people recommend using a separate firewall product (something like a SonicWall unit). I thought I could just setup one of my machines as the firewall using ipchains, but I'm confused how that would work with this 5 IP DSL setup. I'm really not that clear how all the parts fit together.
I myself would use ipchains - I don't see any reason to cough up for commercial software here... but I don't understand what you mean when you say you're confused as to how that would work wiwth 5 IPs. Basically, you've got a subnet consisting of 5 IPs, so you can make use of subnet masks (in your case 29) within your ipchains rules. Need any more help? Just ask. Chris -- Apologies to everyone who has been waiting for replies off me over the past few weeks - I've been away from my computer. I'll try to catch up with my email over the coming days, but don't be surprised if you get a reply in a month's time... __ _ -o)/ / (_)__ __ ____ __ Chris Reeves /\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005 _\_v __/_/_//_/\_,_/ /_/\_\ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/