Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: tlug: More IP addresses
- To: tlug@example.com
- Subject: RE: tlug: More IP addresses
- From: Frank Bennett <bennett@example.com>
- Date: Wed, 9 Dec 1998 09:30:44 +0900 (JST)
- Content-Type: TEXT/PLAIN; charset=US-ASCII
- In-Reply-To: <000101be229c$5a97e860$545dd8cb@example.com>
- Reply-To: tlug@example.com
- Sender: owner-tlug@example.com
On Tue, 8 Dec 1998, Stephen Carter wrote: > Is there a good fac on how to set up IP masquerading, especially how to > incorporate a dynamically allocated address of the dial-up ppp sort? The > kind of think all the ISPs wish we wouldn't do? If you have a Linux box with installed documentation handy, it's probably in your machine waiting for you. Under TL or RedHat, try: /usr/doc/HOWTO/mini/IP-Masquerade Think carefully before going the dynamically-allocated route. The only circumstance in which it does anything for you is when you have to allocate real-world IP addresses that have been allocated to you for distribution by the powers that be, and you have more users to service than you have IP addresses to hand. If that doesn't describe your situation, then static assignment is a better choice; it makes it simpler to track down the source of trouble when someone's machine goes crazy and starts piping hazardous rubbish to your server. In particular, if you are using masquerading to subnet, every connection from a subnetted machine will appear to the Internet to have originated from the masquerading firewall machine itself. Behind the masquerading firewall, you will use private addresses in the local range for firewall-client communications. I forget the exact starting-point of the range, but there are 64,000 addresses in it, so you're not likely to run out. :) My two bits' worth, anyway. Note that there is one limitation to a masquerading setup; masquerading only works for outbound connections, so you won't be able to station a public server behind the firewall -- public servers would have to run on the firewall machine itself. Cheers, --- Frank G Bennett, Jr @@ Faculty of Law, Nagoya Univ () email: bennett@example.com Tel: +81[(0)52]789-2239 () WWW: http://rumple.soas.ac.uk/~bennett/ ------------------------------------------------------------------ Next Technical Meeting: 12 December, 12:30 at Temple Univ. Japan *NEW LOCATION* a map is available at http://www.tuj.ac.jp/maps.html Next Nomikai: 15 January 1999, 19:30 Tengu TokyoEkiMae 03-3275-3691 ------------------------------------------------------------------ more info: http://tlug.linux.or.jp Sponsor: PHT
- Follow-Ups:
- Re: tlug: More IP addresses
- From: Jim Tittsler <jwt-tlug@example.com>
- Re: tlug: More IP addresses
- References:
- RE: tlug: More IP addresses
- From: "Stephen Carter" <carter@example.com>
- RE: tlug: More IP addresses
- Prev by Date: RE: tlug: More IP addresses
- Next by Date: Re: tlug: More IP addresses
- Prev by thread: Re: tlug: More IP addresses
- Next by thread: Re: tlug: More IP addresses
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |