At 01:00 PM 2/1/2002 -0800, you wrote:
>--- Linux Rocks ! <[EMAIL PROTECTED]> wrote:
> > Justin,
> > so... It may be a simple cableing issue for you... You can plug your cable
> > modem into the switch/hub, then the rest of the computers into the
> > swtich/hub. You could also connect the cable modem into the firwall
> box, add
> > a nic, and connect that nic to the switch. This physically separates the
> > network, I would recommend not setting it up that way though. modem >
> switch
> > > computer(s) is how I would do it.
>
>that's the idea, yes. but one computer needs to route since i only plan
>to use
>one external IP. my sister uses win95, so security is an issue as well.
>
> > DHCP shouldnt be any issue for you. You can do dhcp via your cable
> modem, or
> > your firewall/gateway box. no problem... If you do it via the gateway
> box you
> > will likely have a bit more flexibility though. You might want to do
> what Ive
> > done with dhcp (although I still have an issue...) setup DHCP to assign
> > specific IP's and hostnames to specific boxes (actually, specirfic
> hardware
> > addresses of the network devices).
>
>the real dilema, and what i can't puzzle out and/or visualize, is how to route
>to a dynamic IP. especially when i only have one NIC in the router. setting
>up a gateway is simple (for me) when all of the IP's are static and i have two
>NICs.
>
>i need to route inside traffic (my desktop, my sister's desktop) to one
>dynamic
>outside IP (my desktop to the cable modem) using only one NIC in my machine.
>my machine is thus the router, firewall, and gateway as well as my desktop.
>
> > You can use your gateway/firewall box for a workstation if you want... the
> > issue is that you are inside, and outside the firewall at the same
> time, and
> > could pose a security risk... all the computers are yours though... do
> what
> > you want with your comptuers...
>
>no, all of the computers are not mine. my sister is moving in with me, and i
>want her to be able to use the cable modem as well. since i donated my
>firewall to the LUG (no, i don't want it back...), i need to find a solution
>that only involves two desktops.
Well, since I am a newbie to linux, I cannot tell you this in terms of how
to do it with your computer, but I can talk about the concepts, what you
could posssibly do, is place two NICs in the computer that is attaching
itself to the modem, and the other attaching itself to your sisters
computer, then you could just make your computer the
gateway/firewall/router using a private IP address for your secondary
network interface, and your sisters primary. Then you could just use these
example config:
your comp
eth 0: (your cable modem settings)
eth 1: 10.0.0.1 netmask 255.0.0.0
sisters
Ethernet card: 10.0.0.2 mask 255.0.0.0 gateway 10.0.0.1, what should happen
is that you would automatically(I think) route the info as needed, then all
you would have to say is what ports are not allowed in/out to that computer
through your eth1 interface. although the policies have to be what she
can't send out as in and the other way as well, because of the nature of
the connection. The dynamic IP will be a non-factor because your computer
would have a gateway that would resolve all of the addresses your cable
modem, and your box would make the requests for your sisters box. I hope
that this helps you somewhat.
Sincerely,
Doug Mason
