Franki wrote:
>
> Hi again peoples...
>
> I have discovered that our ADSL connection is in bridged mode, can't be
> changed and is the reason for the virtual IP's not listening on the net
> side...
>
> So, they tell me that the way around this, is to assign the IP's to internal
> machines, and route them through the gateway...
>
> I don't want any of our internal machines to have public IP's,,,
>
> So, I thougth, I know, I will put another linux box behind the gateway and
> have it listening for those IP's and have it routed though the gateway, then
> I can use portforwarding on that new box to connect to the internal
> machines.
>
> Then in a burst of thought (unusual for me :-) I thought, since the gateway
> has two network carts, eth0 (to the internet)h and eth1 (to the internal
> network), why can't I set the ip alises to eth1 and then route them through
> eth0 to allow connections to them over the net....
>
> I think that will work and will solve my problems, but I am alittle unsure
> how to go about it...
> (never had to setup routing before, but was very plesently surprised how
> easy port forwarding was to setup, and I'm hoping that routing is the same.)
>
> So, say the eth0 internet gateway IP was 203.59.43.18 (its not but for
> discussion purposes it'll do)
>
> and eth1, the internal NIC is set to listen for 203.59.43.22, 23, 24 and 25
>
> how would I setup routing so that those address's are routed through eth0???
By changing at least one IP address....
the last octet of each address is:
.18 = 00010010
.22 = 00010110
.23 = 00010111
.24 = 00011000
.25 = 00011001
then, using masks like this:
11110000 (/28) = all boxes in same net
11111000 (/29) = 18,22,23 in one net; 24, 25 in other
11111100 (/30) = 3 subnets: 18; 23, 23; 24, 25
If .18 was changed to .1-.15 or .33-.254, a netmask of /28 would work (=2
14-host subnets); but the subnet sizes may conflict with your ISP. Since the
ISP connection is "bridged", you or other customers could interfere with each
other depending on the setup... To route internally, you would need:
2 6-host subnets (16-address range)
3 2-host subnets (12-address range)
Starting to see where your ISP would be unhappy...?
SO... how about some real addresses...? It may be that the addresses you were
assigned cannot be separated by a router.
It may be that your ISP's policies/pricing could force you into using a real
router or a single IP and IPMasq... I think there is a way to setup Linux as a
bridge; but since your link is also bridged, you may not like the results.
> any help would be seriously appreciated, if I don't work something out, they
> are going to insist that all the internal machines have public IP's
> something I REALLY don't want to do...
So why do you have 5 IP addresses assigned vs 1+NAT (IPMasq)...?
Pierre
> please can anyone help me out here???
>
> many thanks and kindest regards..
>
> Frank
> Perth WA
--
Support Linux development: http://www.linux-mandrake.com/donations/
Last reboot reason: 01/03/27: winter storm 6hr power outage
