You can't do IP aliasing on the Telus ADSL network because of what you
say, you reserve your IPs by MAC address and you can't enter in the same
MAC twice.  Nor can you hard-code your IP address(es), even static is done
through DHCP.... someone should smack the dodo at Telus who came up with
that system.  Anyways, they don't support it and it will not be possible
until they modify their OCA frontend/database to allow that kind of thing,
apparently they are working on it but I wouldn't hold my breath.  I
believe you can do it with route2 and 2+ external NICs, although I'm still
working on getting it working (I had CADVision here before and used IP
aliases with 1 NIC, didn't need route2 for that as the Linux firewall only
had 1 default gateway, with 2 external NICs you get 2 default gateways). 
I know this isn't very positive feedback but this is the way Telus works.
Later,

> On Thu, 15 Aug 2002 10:07:42 +0000, Richard Jenniss wrote:
>
>>
>>Say I have my telus IP 142.152.xxx.xxx with the hostname
>>bshx21zy170iab.hsia.telus.net I run BIND on that machine, can I bind it
>>to another domain, say mydomain.net to bshx21zy170iab.hsia.telus.net
>
> Depends what you mean. Are you talking about reverse DNS or a PTR
> record, or are you talking about assigning a hostname to an IP address?
> You can log in to the Telus admin page for your IP addresses and
> specify the hostnames for your IP addresses (PTR records), but you
> can't control that on your server, Telus owns those IPs, so they
> maintain the reverse mappings.
>
>>
>>From there is it possible to forward those domains to different hosts
>>in my Private network so say www.mydomain.net will go to 192.168.1.3
>>mail.mydomain.net will go to
>>192.168.1.4
>>and so on, with the like.
>
> That's basically what I need to do, but I don't think it can be done on
> a domainname/hostname basis. This is done by Extended PAT or NAT; i.e.
> any request coming into 142.152.34.65 on TCP port 80 is forwarded
> (PAT) back to 192.168.1.3. The host at 192.168.1.3 takes care of any
> host header translation/web requests. Also, you could make rules to
> say any request coming into 142.152.34.65 on port 25 or 110 is
> forwarded back to 192.168.1.4 (SMTP and POP3). This would work, as
> you're running different services on different machines internally, all
> coming into one public IP, and using PAT/NAT to handle where each port
> is forwarded to. However, if I had 2 web servers (port 80), I could
> not do this with one public IP. I would need 2, as you can only forward
> port 80 once for each IP, it won't work twice, the box would get
> confused. Hence, I would need 2 public IPs on the external interface of
> my routing device. This cannot be done on a Telus DSL connection, as
> these IPs would be coming from the same MAC address, Telus's system
> cannot accept these. I shouldn't say for sure this can't be done, I
> just don't know any way of doing it on the Telus system. When I asked
> them for help, they either didn't understand what I was talking about,
> or were not willing to help.
>
>
>>
>>Would this be a possible solution in your situation timmy?
>>
>>
>>On Thu, 15 Aug 2002 09:40:11 -0600
>>"timmy" <[EMAIL PROTECTED]> wrote:
>>
>>> No, this won't work. I can't put my whole IP block on the external
>>> interface of my Linux Box, it won't work. I can do what you
>>> suggested, no problem at all, but as for running an IP pool on the
>>> external interface, that's a no-go.
>>>
>>> On Thu, 15 Aug 2002 09:26:04 -0600, Kevin Anderson wrote:
>>>
>>> >This shouldn't matter at all.
>>> >
>>> >Plug your (dual-homed (2 Network Cards)) Linux box into the Telus
>>> >connection, and plug a hub (or whatever) into the other NIC.  Then
>>> >plug all the PCs into the hub, and set them to use the Linux box as
>>> >their default gateway.  The Linux box will do NAT, and there will
>>> >only be 1 MAC on the Telus side anyway.  The Linux box will receive
>>> >requests from the clients, strip out their MAC & IP, replace it, and
>>> >send the packet to the next hop. My guess is that this is already
>>> >happening for you.  Your firewall will look after all of it.
>>> >
>>> >Kev.
>>> >
>>> >
>>> >
>>> >
>>> >----- Original Message -----
>>> >From: "timmy" <[EMAIL PROTECTED]>
>>> >To: <[EMAIL PROTECTED]>
>>> >Sent: Saturday, August 10, 2002 11:56 AM
>>> >Subject: (clug-talk) IP aliasing
>>> >
>>> >
>>> >> Anyone here have any experience with IP aliasing? I had a couple
>>> >> of clients on Cadvision, and I had built firewalls for their DMZ.
>>> >> I ran IPTABLES and had configured the boxes with IP aliasing, so
>>> >> all of the IPs in the /29 Cadvision provided were on the external
>>> >> interface of the firewall. I just did simple NAT/PAT to manage the
>>> >> services on the servers behind the firewall. Now, with Telus,
>>> >> this, to the best of my knowledge, is no longer possible. You have
>>> >> to register a unique MAC for each IP address you are using. Seeing
>>> >> as how all of the IPs would return the same MAC, this is not
>>> >> possible on Telus's system. Does anyone have a solution for this,
>>> >> or do I have to: a) run the servers with no firewall, or b) build
>>> >> a separate firewall for each machine? Maybe there are other
>>> >> options, but I'm not sure of what they might be. I did phone Telus
>>> >> tech support, and they of course were no help; they basically told
>>> >> me to either go find another provider, or switch to their $1500/mo
>>> >> fibre service.
>>> >>
>>> >> What I don't understand is how they expect customers to run a
>>> >> network properly in this kind of situation. If someone is running
>>> >> a Cisco PIX, or a Watchdog Firewall, which can both be configured
>>> >> with "IP Pools" on the external interface, what happens to their
>>> >> configurations? I basically had to reconfigure the whole network
>>> >> in order to get things to work properly with the new Telus
>>> >> service, not to mention the barrage of other problems that arose
>>> >> from a bunch of dumb mistakes on their end. When I phoned and
>>> >> asked for support, I was pretty much led to believe they did not
>>> >> care one way or another if my service was working. Has it come
>>> >> down to that with Telus? It seems that they have gotten so big,
>>> >> with so many customers, they just don't care about a few people
>>> >> that might be more than a little upset over the whole ordeal, so
>>> >> they'd just as soon lose them as customers. What's it to them
>>> >> after all? They've got hundreds of thousands of customers, what's
>>> >> the big deal about losing a few? That is not good business. I work
>>> >> for an ISP here in town, TeraGo Networks, and we've currently got
>>> >> about 600 customers nationwide. That's mouse nuts compared to what
>>> >> Telus or Shaw has, but at least I take pride in knowing I care
>>> >> about our customer base, no matter how small or how large the
>>> >> company ends up getting.
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >
>>> >
>>>
>>>
>>>
>>>
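
The port-forwarding scheme described in the thread above, as an added example that is not part of any poster's message: a shell function that turns a forwarding table into iptables DNAT rules and rejects a table that forwards the same public IP and port twice. The interface name eth0, the internal host 192.168.1.5 and the second public address 203.0.113.10 are assumptions constructed for illustration; the rules are printed, not applied.

```shell
#!/bin/sh
# Added example: prints iptables DNAT rules, does not apply them.
EXT_IF="${EXT_IF:-eth0}"   # assumed name of the external interface

# Reads "public_ip proto port internal_ip" lines on stdin and prints one
# PREROUTING DNAT rule per line. Fails, printing no rules, if a
# (public_ip, proto, port) tuple appears twice: only one internal host
# can receive traffic for a given public address and port.
gen_dnat_rules() {
    awk -v ifc="$EXT_IF" '
        /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
        NF != 4 {
            printf "line %d: expected 4 fields\n", NR | "cat 1>&2"
            bad = 1; next
        }
        {
            key = $1 "/" $2 "/" $3
            if (key in seen) {
                printf "conflict: %s already goes to %s, not also %s\n", \
                    key, seen[key], $4 | "cat 1>&2"
                bad = 1; next
            }
            seen[key] = $4
            rules[++n] = sprintf("iptables -t nat -A PREROUTING -i %s -d %s -p %s --dport %s -j DNAT --to-destination %s:%s", ifc, $1, $2, $3, $4, $3)
        }
        END {
            if (bad) exit 1
            for (i = 1; i <= n; i++) print rules[i]
        }'
}

# Mapping from the thread: web to 192.168.1.3, SMTP/POP3 to 192.168.1.4.
THREAD_TABLE='142.152.34.65 tcp 80  192.168.1.3
142.152.34.65 tcp 25  192.168.1.4
142.152.34.65 tcp 110 192.168.1.4'

# Constructed: a second web server behind the same public IP (rejected).
CONFLICT_TABLE="$THREAD_TABLE
142.152.34.65 tcp 80  192.168.1.5"

# Constructed: the second web server on its own public IP (accepted).
TWO_IP_TABLE="$THREAD_TABLE
203.0.113.10 tcp 80  192.168.1.5"

printf '%s\n' "$THREAD_TABLE" | gen_dnat_rules
printf '%s\n' "$CONFLICT_TABLE" | gen_dnat_rules || echo "table rejected"
```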

