Sorry for all the ambiguities.
First, I don't administer the bsd.uchicago.edu domain. I just have
some machines that are in that domain. Once of them is my router,
another is video.bsd.uchicago.edu. I just want to have some machine
behind my firewall that I can get to from the outside world (ssh,
http, mail)
Here is the current setup (first attempt at ASCII art)
-------------------
Internet <--> | eth0 |
| (128.135.97.118) |
| Firewall/Router |
| eth1 |
| (192.168.1.1) |
___________________
|
----------------------------------------------
| | | |
198.162.1.2 198.162.1.3 198.162.1.4 128.135.97.144
paradise.lost paradise.lost paradise.lost bsd.uchicago.edu
So in the current config, the router interacts with the internet on
eth0 and the LAN on eth1, with the IP addresses of those cards given
in the diagram.
I want to be able to access 128.135.97.144 from the internet.
I am running routed on the router, which, from my read, should
broadcast to other routers that I provide a route to 128.135.97.144.
But perhaps I am reading the man pages wrong or haven't configured it
properly.
Perhaps I am just screwy and have no idea what I am doing. As I said,
it's my first time.
Is it a better strategy to have only 192.168 machines connected to
eth1? The http server would run on a 192.168 machine. If the
internet makes a port 80 request of the router, it would forward it on
to the 192.168 machine. I have been reading 'Building Internet
Firewall' I have always assumed that the bastion hosts had externally
valid IP addresses; but perhaps not...
JDH
