/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
>I have set up several Linux boxes now using MASQ with a cable modem, and all
>work great! But, they all use 1 ethernet segment on the private side.
There is no private side. Get another NIC in your box and put the cablemodem
on it. This will definately help security, performance, etc.
>Primary Novell server
>------------------------
>segment 1 150.10.0.x including an AIX host that must be seen by ALL and
>presently works fine
>
>segment 2 150.15.0.x
>city #2 server
>------------------------
>segment 3 150.20.0.x
>city #3 server
>------------------------
>segment 4 150.30.0.x
>segment 150.10.0.2 (card1 in Novell) and segment 150.15.0.3 (card2 in Novell)
>AND he also has 2 other Novell servers in other cities tied to the primary
>server via bridge cards
Do the servers on 150.20.x. and 150.30.0.x have 150.10.0.x set as their
default gateway? This is critical.
>Note: subnet masks are set to 255.255.0.0
Your netmasks are creating excessive broadcasts. I highly
recommend to tune them to a 255.255.255.0.
>/sbin/ipchains -P forward DENY
This should be set to REJECT.
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
