-----Original Message-----
From: Jake Colman <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Thursday, May 21, 1998 8:37 AM
Subject: Re: Living on Two Networks Simultaneously
>Will this also allow machines on my private network to see the machines on
the
>office net? Would this require IP Masq since the office net does not know
>anything about my private nodes? Or can this be handled via proper routes
in
>my Linux box?
With IP Masquerading, the nodes in the office would think the private nodes
all had one IP address, which would be that of the Linux box.
Without it, both routers would have to be configured to route your private
addresses, and the office nodes would see those boxes directly.
Let's say, for the sake of discussion, that all your office nodes are in
10.0.0.x, and your home nodes are in 192.168.0.x.
Let's say your office router is 10.0.0.1, your home router is 10.0.0.2, and
your Linux box is 10.0.0.3.
Furthermore, let's say you have an office box called foo, and a home box
called bar.
You're wanting to make a connection from foo to bar. I'll use ping as an
example, although I dunno if Linux can masquerade an ICMP connection or not.
foo's address is 10.0.0.4. bar's address is 192.168.0.2.
With or without masquerading, if you want to use one NIC you'd have the
Linux box set up with both 10.0.0.3 and 192.168.0.1 as it's addresses.
With masquerading, you couldn't make a connection directly to bar from foo
because foo doesn't know an IP address for bar. However, if you made a
connection from bar to foo (say, typing "ping foo" on bar's command line)
foo would think the connection came from 10.0.0.3. It would have no idea
192.168.0.2 existed.
If you were on a command line on foo, and you typed "ping 192.168.0.2", it
would fail because there'd be no route available to that network.
Without masquerading, the routers would be configured (either manually or
through a routing protocol) to know that 192.168.0.x was on one side, and
most of 10.0.0.x was on the other, except for .2 and .3.
>From foo, doing a "ping 192.168.0.2" would work, because it'd route.
>From bar, if you did "ping foo", foo would see that ping coming from
192.168.0.2.
One last thing; if your office network is connected to the Internet, and you
want to connect to the Internet through it, you'll have to use IP
Masquerading at some point in the chain.
Does your office network use "legal" IP addresses, or is it using one of the
private ranges: 10.x.x.x, 172.16.x.x-172.31.x.x, 192.168.x.x?
Does you home network use legal IPs, or ones in one of these ranges?
What you need to do to get your home to speak to the Internet through the
office depends upon the answers to these two questions.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
