Re: [newbie] DHCP, Firewall and Proxy

[Dennis]

The reason for having 3 NIC is for making Mandrakelinux handling Two 
Internet Connection and configure it automatic connection failover, it means 
when one ISP line down it will be automatically transfer to the other one. 
Is it possible?

So the role of my Linux will be DHCP, Firewall, Proxy and Failover.
My hardware specs right now is, P4 2.4GHz, 512MB, with 3NIC one is 
built-in...

My plan is the built in one is use for LAN and the 2 NIC will be connected 
to my two ISP.

Thanks
----- Original Message ----- 
From: "Mr. Geek" <[EMAIL PROTECTED]>
To: <newbie@linux-mandrake.com>
Sent: Tuesday, February 22, 2005 8:48 PM
Subject: Re: [newbie] DHCP, Firewall and Proxy


Dennis wrote:
I have 3 NIC card... Actually I also have a plan to use that machine to
having to internet connection...
OK, Then it would be better if you set up Mandrake to handle the
Internet connection and Internet sharing first. If you plan on hosting
any websites, email servers, FTP, or other Internet-available services,
it would follow that you'll be better off with a static IP address and a
domain name.
As an alternative, you can use one of the many free dynamic DNS
services, but a lot of your functionality may be a question of whether
or not your ISP will permit it.
For instance, your ISP may be blocking ports 21, 25, 80, and 110,
effectively preventing you from offering FTP, SMTP, HTTP, and POP3
directly from your connection. This is something you'll have to find out
by contacting them directly.
On the other hand, assuming that you are allowed by the ISP to offer up
your web services to the Internet, then I'd suggest a few things.
Since you have 3 network interface cards (a.k.a. NIC's) already, I'd
suggest that eth0 (NIC #1) be used for your Internet connection, eth1
(NIC #2) be used on it's own subnet (10.0.0.0/255.0.0.0 - for example)
to connect to a hub or switch and from there to most of the other
systems on your network, and finally eth2 (NIC #3) on a different subnet
(192.168.0.0/255.255.255.0 - for example) to connect to one last system,
which can host any additional services you wish to experiment with.
As a bonus, you can build your firewall so that anything on NIC #3 can
be your De-Militarized Zone (a.k.a. DMZ) and/or set up as a "Honey Pot"
zone to trap would-be intruders.
If you don't plan on implementing a DMZ in this fashion, then remove NIC
#3, since it wouldn't serve any other purpose. The only other option
with NIC #3 would be to set up the second subnet and to use it like NIC
#2, as another subnet. Keep in mind that you should still use a
different subnet than your first one.
While that may be a lot to digest, it gives you several option on what
you can do with the system. Once you decide on a plan of action, come
back to the list with as much info as you can provide (ISP details,
long-term goals of the Mandrake box, etc., and I'm sure that someone
will be around to help out.
Thus endeth the lesson.
Mr. Geek
Registered Linux User #190712


--------------------------------------------------------------------------------

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________

____________________________________________________
Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________