On 2023-07-07 09:05, Marc Chamberlin via openSUSE Users wrote:
Hello OpenSuSE, I have been trying/experimenting with setting up my SOHO network of about 5 computers, most of which are running OpenSuSE 15.4 x64, and one (my main gateway computer to the internet) running OpenSuSE 15.3 x64. All systems are using the Plasma/KDE desktop. My main gateway computer is called "quasar" and the other systems have names such as "bigbang", "nova", etc...
My network is split into 2 halves, 192.168.10.0/25 is my "internal" zone, and 192.168.10.128/25 is my "dmz" zone. Except for "quasar" each computer has 2 NIC's, one for each of my zones. Addresses and default routes are assigned by a dhcpd server, and that much is working fine (AFAIK) at the moment.
"Quasar" has 3 NIC's, one of which is for my "external" zone, and the other two are for my "internal" and "dmz" zones respectively. The "internal" zone NIC is given a static IP address of 192.168.10.100 and the "dmz" zone NIC is given a static IP address of 192.168.10.200.
My "external" zone NIC has been assigned 5 different public IP4 addresses, all statically assigned by using the YaST2->Network Card Setup to assign one of these public IP4 addresses to the NIC card itself, and the other 4 public IP4 addresses are assigned to this same "external" NIC card as additional addresses for that "external" NIC card.
What I want to accomplish is to set up the routing so that any incoming traffic to one of these external additional IP4 addresses, on a port, gets routed from "quasar" to one of my other computers on the DMZ side of my network on the same port number. So for example, lets say there is incoming traffic whose destination is 111.111.111.112:10. I want this to be routed/forwarded to my internal computer called "Nova" at it's DMZ address of say 192.168.10.210:10 and I don't want to specify a rule for each and every port number specifically. Different computers will have different services listening on different ports.
Why not have each of those machines assigned directly one of the external addresses, and have a switch at the entry? I have never done this, so I don't really know if this is good or bad. Just an idea I'm having while having my morning tea :-) -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)