[plug] Routing

Jonathon Bates batesy at batesy.net
Tue Jun 18 20:13:12 WST 2002


> > Say I have a box acting as a gateway. In that gateway (well within the
> > gateways network) I have a block of live IP's that all need access to the
> > world (easy)
> Live IP == world reachable (non-private) IP eg not 192.168.x.x or 
> 10.x.x.x , block assigned by ISP?

No live IP's and so forth. So behinf the gateway there will be a block of
real IP's.
 
> Just asking to be sure, because if you're using IP Masquerade and 
> private IP ranges, its an entirely different kettle of fish.

:)

> > How do I go about allowing traffic to flow freely in and out?
> Its rather more "how do I limit what trafffic is passed freely in and 
> out" normally ; your ISP should be routing all traffic to your assigned 
> IP block to your
> gateway, which by default ( or as per /proc/sys/net/ipv4/ip_forward ) 
> will route the packets to the appropriate host on the LAN.

As much as what I though! :)

> > Is it simply a firewall issue or something else?
> Well, you'll definitely want to set up a firewall on the gateway to 
> police traffic and limit what can and can't pass; for normal users with 
> private IP blocks who use IP masq its less of an issue since internal 
> hosts can't be directly attacked (having non-routeable addresses) - 
> you'll have to be extra careful.

Definately! 
It will be done, there are Sparcs and OSX boxes beind this network..

Cheers
batesy



More information about the plug mailing list