Hello all, I'm getting ready to set up a home LAN, and I wanted to first check that my assumptions are correct, and ask for any references that might help with this. The LAN will be: A firewall, runny potato or woody (haven't decided yet, as I prefer the stability of potato, but may need the newer dhcp-client to connect, and may want a 2.4 kernel for NIC's). Will do nothing more than firewall and forwarding, maybe mail serving if I hook a Doze box up. My main workstation, runs woody. A laptop, runs Win95 right now, but not for much longer. Distro TBA. A dual boot Sid/Win98 box.
The only shared services will be printing and 2 exported directories,
both coming off the main workstation.
I think that the firewall box should be set up with 2 NIC's - eth0
will be the external, and use dhcp. eth1 will be internal and have a
static address, and should have an /etc/network/interfaces like:
iface eth1 inet static
address 192.168.1.1
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
Then configuring all the other boxen to staic IP's using 192.68.1.1 as
a gateway is trivial. The only thing I'm not sure of is, can I
specify what addresses are valid for forwarding? This is just a home
LAN, after all, and security within the LAN is not that important, but
it seems like there should be a way to specify "we forward for only
these addresses" somewhere. I know you can set it up with dhcp, but
if you use static addressing, is there such a way, without adding
routes manually?
Second question: I've seen a bunch of of hubs out there, but I'd like
a few suggestions if you guys and gals don't mind. I'm inclined to
stay away from the USB and/or wireless ones. I've also read in some
of there specs that some have built-in firewalls, routing, and so
forth. Will any of the built in routing confuse the firewall's
routing?
Enough questions for now, but looking forward to your responses,
Steve
--
When in doubt, do it. It's much easier to apologize than to get permission.
-- Grace Murray Hopper
pgprDwTnBJofY.pgp
Description: PGP signature
