That is perfectly right Bill. A regular "straight-through" cable should do
it because that's what they usually use between CABLE & DSL modems anyway.
I have yet to get these neat little devices but I have witnessed the
convenience and speed they've brought to INTERNET access. Some day, my
dream will come true...
Thanks for the correction!
Bill Strosberg wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> All:
>
> I'm using a crossover cable between my dual homed Linux server /
> router and Linux firewall with no problems. No second hub is needed,
> unless you need great distance or more machines connected to the
> firewall (external) network segment. The DSL to dual homed firewall
> segment should remain a straight through 1-1, 2-2, 3-3, 6-6 cable, as
> a crossover will cause everyone to stop talking. The way I've done
> things requires four (yes four) Ethernet adapters between the firewall
> and server, but since I'm twice masqueraded, somebody's really got to
> work at getting in.
>
> Even if you are not using an external Ethernet bastion firewall box,
> you can apply the same principles to a dual homed Linux router /
> masquerade box. The physical layer stuff never changes (thank God!).
>
> Bill Strosberg
>
> - -----Original Message-----
> From: Audie Pierre [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, December 02, 1998 4:24 PM
> To: Caleb Shay
> Cc: Masq
> Subject: Re: [masq] New to this
>
> Actually, you can run IP MASQ on a Linux box with only one network
> interface; however, it is not recommended because of security reasons.
> You
> can bring up an alias of eth0 precisely eth0:0 with a private net IP
> (192.168.1.x). That way everything would be connected to the same hub
> (INTERNET & PRIVATE NET). Keep in mind that IP ALIASING must be
> enabled in
> the KERNEL.
> Logically a dual-homed Linux box (with 2 network interfaces) is the
> best
> configuration because it allows for both security using INPUT & OUTPUT
> rules
> and a clean set of rules which distinguish packets between the
> internal and
> the external interface.
> Do yourself a favor, get another HUB and another network interface.
> They are
> rather inexpensive these days. Well, before you buy the HUB try a
> crossover
> cable between the DSL modem and the Linux box; It might just work.
> By no means am I trying to discourage you from experimenting with IP
> ALIASING and whatever else that may come out of your imagination.
> Knock yourself out! Ciao!!!
>
> Caleb Shay wrote:
>
> > Hi all,
> >
> > I'm new to this, so bear with me.
> >
> > I just want to know if this will work, I'll worry about how to
> actually
> > do it later.
> >
> > I currently have my internet connection coming in via DSL. The DSL
> > modem has a single ethernet cable that connects straight to my
> > machine. I have a single static IP. I just bought a second
> machine.
> > As far as I can tell, to set up IP Masq I'm going to need to have 2
> NICs
> > in one of the machines. Or do I? Can I run from the modem to a
> hub,
> > have both machines in the hub also, and do my IP's like this...
> >
> > Machine 1: Static IP to outside world and private IP aliased to same
> > device (eth0)
> > Machine 2: private IP with Machine 1's private IP as the gateway.
> >
> > Will this work, or am I just imagining things and I have to go pick
> up a
> > second ethernet card and hope I can make it work (not usually an
> issue,
> > but there is so much hardware in my machine I don't have any free
> > IRQs)? I'm not much of a networking genius either, if I can do
> this, do
> > I need to use a crossover cable from the modem to the hub?
> (currently I
> > just run a straight thru cable from the modem to my NIC)
> >
> > Thanks,
> >
> > Caleb Shay
> > [EMAIL PROTECTED]
> > [EMAIL PROTECTED]
> > --
> > I have too much blood in my caffeine system.
> >
> - ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > For daily digest info, email [EMAIL PROTECTED]
>
> - --
> Audie P.
>
> The perimeters that we put on ourselves
> are self-imposed...There are no boundaries.
>
> - ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> For daily digest info, email [EMAIL PROTECTED]
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.0 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBNmW4mb54Nqd1rjuWEQJu3gCgtrMmgPwMBy9MDOk7/tAmTMjomqwAoI1a
> H2hqZic6CvgCqzpBZ5/Jbp4g
> =4H3b
> -----END PGP SIGNATURE-----
--
Audie P.
The perimeters that we put on ourselves
are self-imposed...There are no boundaries.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
