Re: Configuration for a Linux router with a client having a public address

To: debian-user@lists.debian.org
Cc: peasthope@shaw.ca
Subject: Re: Configuration for a Linux router with a client having a public address
From: peasthope@shaw.ca
Date: Thu, 2 Sep 2010 15:31:09 -0700
Message-id: <[🔎] 171056610.63433.41719.@cantor.invalid>
In-reply-to: <[🔎] 20100902200020.GA20944@hysteria.proulx.com>

From:	Bob Proulx <bob@proulx.com>
Date:	Thu, 02 Sep 2010 14:00:20 -0600
> So dalton has address 172.24.2.1 in the RFC1918 private address space.

Dalton has external address 142.103.107.137 and several internal addresses 
including 172.24.2.1.

Here is an old sketch.  Dalton is on the left.  We're not concerned with Joule.
    http://members.shaw.ca:80/peasthope/Network.jpg
Until my current tinkering, Carnot and Dalton were both connected to the 
network through an old Allied Telesis CentreCOM 3612TR not in the sketch.  
The current objective is to eliminate the 3612TR and route to Carnot through 
Dalton.  Two benefits: less machinery running; faster communication to 
Dalton.  The 3612TR is 10BASE-T.

> If you want a point to point network between two machines on a
> crossover cable then both hosts should be on the same subnet.

"Both ends of a cable must be on one subnet." is an axiom of networking?  
That's crucial.

> Instead define a subnet for both hosts and put each host on that subnet.

For example, Carnot gets address 172.24.2.2 connecting to Dalton at 172.24.2.1.  
Still, the outside world expects to find Carnot at 142.103.107.138.  
Continued below.

> Is dalton a router on the public Internet?  (It would help to know if
> it is a WRT54G type of router or if it is a full functionality Debian
> host.) 

Dalton is a Linux router running Debian Squeeze with public address 
142.103.107.137.  The firewall will prevent a response by ping.
"ssh 142.103.107.137" should indicate it exists.

> Is carnot a machine on your private network that you want to
> actually host the public Internet service (HTTP, SMTP, SSH)?

Correct.  HTTP & SSH are sufficient.

> ... dalton that should get the public IP address.  ... have it port forward 
to carnot for the services that you want to host on carnot.  

Dalton gets 142.103.107.138 while carnot has only a local address;  
neither machine uses 142.103.107.137.

> There are several different ways.  And each of them have
> subtle things that if not configured correctly will cause things not
> to work as desired.

OK.  It's a learning exercise for now.

> The new way is with ifup and ifdown.
> 
>   sudo ifdown eth0
>   sudo ifup eth0
>  ... bring an individual interface offline with ifdown eth0
instead.

Right oh.  Will try these ideas tomorrow morning or next week.

Thanks,                    ... Peter E.

-- 
VoIP 7785886232 is gone.  Please use 13604502132.
Sparcstation 2 netboots netbsd; installation pending.
Personal site works;  http://members.shaw.ca/peasthope/ .

Reply to:

Follow-Ups:
- Re: Configuration for a Linux router with a client having a public address
  - From: Bob Proulx <bob@proulx.com>

References:
- Re: Configuration for a Linux router with a client having a public address
  - From: Bob Proulx <bob@proulx.com>

Prev by Date: Re: install lenny on Dell
Next by Date: A better Emacs sql mode?
Previous by thread: Re: Configuration for a Linux router with a client having a public address
Next by thread: Re: Configuration for a Linux router with a client having a public address
Index(es):
- Date
- Thread