Re: Hardware needed for home network

To: debian-user@lists.debian.org
Subject: Re: Hardware needed for home network
From: Tixy <tixy@yxit.co.uk>
Date: Sun, 13 Feb 2011 14:09:12 +0000
Message-id: <[🔎] 1297606152.2571.62.camel@computer2.home>
In-reply-to: <[🔎] 20110213130214.GI18225@think.homelan>
References: <[🔎] 20110211133710.041074fe.jhsu802701@jasonhsu.com> <[🔎] torg28xmqa.ln2@news.roaima.co.uk> <[🔎] 1297534704.3648.10.camel@computer2.home> <[🔎] 20110213010146.GB18225@think.homelan> <[🔎] 1297588976.2340.17.camel@computer2.home> <[🔎] 20110213105539.GE18225@think.homelan> <[🔎] 1297596912.2916.35.camel@computer2.home> <[🔎] 20110213130214.GI18225@think.homelan>

On Sun, 2011-02-13 at 15:02 +0200, Andrei Popescu wrote:
> On Du, 13 feb 11, 11:35:12, Tixy wrote:
> 
> > I couldn't see any practical reason for a second Ethernet interface
> > anyway. There's performance issues when input and output traffic share a
> > single interfaces, but as my ADSL speed is <2% of that of the servers
> > Gigabit Ethernet adaptor, that doesn't really factor in.
> 
> Correct me if I'm wrong, but this means you have two IPs on the same 
> interface, one is public and one is RFC 1918 and all your internal 
> computers are connected directly to the big bad internet (via the switch 
> and the modem).

It's not like that, my server's Ethernet interface only has one,
private, IP address.

The server uses PPPoE to talk to the modem, which translates this into
PPPoA to get to my IPSs equipment. So once my server has 'dialled' my
ISP the ppp interface on my server ends up with my public address, which
iptable rules can NAT, filter and forward to the private IP range.

Unless I've fundamentally misunderstood networking, I can't see how
connecting the modem to a separate NIC on the server adds any security.

(I don't discount me getting something horribly wrong, this setup is
only a few weeks old and my first foray into firewalls and routing.)

-- 
Tixy               ()  The ASCII Ribbon Campaign (www.asciiribbon.org)
                   /\  Against HTML e-mail and proprietary attachments

Reply to:

Follow-Ups:
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Hardware needed for home network
  - From: Camaleón <noelamac@gmail.com>
- Re: Hardware needed for home network
  - From: Rick Thomas <rbthomas@pobox.com>
- Re: Hardware needed for home network
  - From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>

References:
- Hardware needed for home network
  - From: Jason Hsu <jhsu802701@jasonhsu.com>
- Re: Hardware needed for home network
  - From: Chris Davies <chris-usenet@roaima.co.uk>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>
- Re: Hardware needed for home network
  - From: Tixy <tixy@yxit.co.uk>
- Re: Hardware needed for home network
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: Re: bug in the install
Next by Date: Re: checking for changes in file size/permissions since installation?
Previous by thread: Re: Hardware needed for home network
Next by thread: Re: Hardware needed for home network
Index(es):
- Date
- Thread