24.02.2019 8:30, Marc Chamberlin пишет:
I am kinda racking my brains on this and know it is probably either duck soup easy or impossible... I have a SOHO network at home configured with one system using SuSEFirewall2 (yeah I know it is deprecated now...) running OpenSuSE Leap 15, with 2 NICs. SuSEFirewall2 provides NAT (masquerading) between my external NIC (which has a static IP address assigned to it) and my internal private LAN on the other NIC. My ISP just upgraded my internet connection with fiber optics cable and as a super bonus gave me a block of public static IP addresses to enjoy.
Is your current IP part of this address block? Is it IPv4 or IPv6 (bot current IP and additional address block)?
So what I would like to do with these is to assign them so that I can get a couple of my internal machines to be directly available from the internet using these new static IP addresses. (I have been doing the things I want with a lot of FW_FORWARD_MASQ definitions in SuSEFirewall2 and playing fast and loose with port assignments) And I have a number of overlapping and duplicated services, like VNC, Web, SSH, Email etc that I have had to juggle running on two or more different systems.
I know that with YaST I can assign all these new static IP addresses to the NIC card that I use to connect me to the fiber optics cable, what I
See question above. If it is independent block of addresses that are supposed to be routed via your current public IP, you probably cannot.
don't know/understand is how to connect/route/forward (whatever the terminology is) these static IP addresses and assign them to different computers on my network, while at the same time maintaining the topology of my private LAN. Do I need separate cabling or can I do this over my existing cables? Without getting Martian errors? Can I assign both an internal DHCP assigned IP address and one of these static IP addresses to the same NIC card? And can any and all port connection requests, made on one of these static IP addresses, be routed to the appropriate "internal" machine by default? (yeah I will run a firewall on it also since it will become directly exposed to the internet if this is possible.)
This is new territory for me, never had to do anything like this before! So appreciate any and all kind words of advice... Marc...
This all depends on answer to the first question. You need to have (and explain) clear picture of network topology involving these multiple IP addresses. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org