vargen Tux's lil' helper
Joined: 29 May 2003 Posts: 76 Location: Lost somewhere in the deep woods of northern Sweden
Posted: Tue Jul 01, 2003 4:22 pm Post subject: networking thoughts..
I have a network like this:
LAN (2 ip's)
   |
Gentoo box (uses one ip) as router/gw/ftp/http/mail
   |
5-port switch
 /         |         \
Windows XP (other IP)   Win98   Gentoo on Notebook
* Should I have both ip's on the router and use internal network on the rest?
* How do I set up multiple ip's on one box with iptables, I guess it's the right prog for it..
* Can I have a ftp on the Gentoo box and link to one of the disks on the XP-box..
* I would also like to be able to access each and one of the comp's to all the others.. there will be more comps when I get time to set them up..
* Can I set up different subdomains for each and one of the computers to show on the net.. I have 3 domains and wish to use them all plus a few sub's then
Is there any faq's on this out there?
_________________
"We are known by the tracks we leave behind.."
Sven Vermeulen Retired Dev
Joined: 29 Aug 2002 Posts: 1345 Location: Mechelen, Belgium
Posted: Tue Jul 01, 2003 5:14 pm
Quote: |
* Should I have both ip's on the router and use internal network on the rest?
* How do I set up multiple ip's on one box with iptables, I guess it's the right prog for it..
|
Normally your Gentoo router will have 2 IPs (it'll have 2 NICs too), one for each NIC (this isn't a de facto fact, but let's not get into details, shall we).
To configure them you need to know what NIC (eth0 or eth1) is connected to the LAN. There are 2 possibilities, so that shouldn't be that hard to find out: just suppose eth0 is LAN and eth1 is 5-port-switch. If not, do the other way around.
In /etc/conf.d/net you set iface_eth0 so it has the IP for the LAN, and iface_eth1 the IP for the mini-LAN connected to the switch. Use a separate network-mask so that there is a clear distinction concerning IPs between the LAN and the mini-LAN-on-switch.
Don't forget to run "rc-update add net.eth0 default" and the same for net.eth1.
You will have to set up NAT on the router so that packets between the 2 LANs are shared. Perhaps google'ing on "Linux iptables NAT" will give you more information -- I'm no NAT expert as it's not something you do every day: only once, and then you don't look at it anymore.
Quote: |
Can I have a ftp on the Gentoo box and link to one of the disks on the XP-box..
|
Yes, export the XP-disk using "File Sharing" on WinXP and mount it (using Samba) on the Linux disk. Then have the FTP server point to that mountpoint for its data.
Quote: |
I would also like to be able to access each and one of the comp's to all the others.. there will be more comps when I get time to set them up..
|
You will be able to access all computers; however, I think that you mean you want to be able to mount (i.e. see) all disks on all computers. To do this, you will need the above-mentioned Samba. It's the tool that makes it possible to integrate Linux computers into Windows networks.
Quote: |
Can I set up different subdomains for each and one of the computers to show on the net.. I have 3 domains and wish to use them all plus a few sub's then
|
Yes, have one of the computers with a public IP run a DNS server (for instance named). Define all your subdomains and use port forwarding for the separate services to be able to reach the other computers (this is not needed if you have a public IP for each server).
vargen Tux's lil' helper
Joined: 29 May 2003 Posts: 76 Location: Lost somewhere in the deep woods of northern Sweden
Posted: Tue Jul 01, 2003 6:19 pm
Are there any lists of programs to install for this server.. like Samba, iptables bla bla bla.. I don't want any extra shit in there since it's quite a low spec. comp (p133) or a guide to follow..
_________________
"We are known by the tracks we leave behind.."
uzik Apprentice
Joined: 17 Apr 2003 Posts: 257
Posted: Tue Jul 01, 2003 6:39 pm
There are no lists since most people choose their suite of programs based on their requirements.
Some notes that will help you:
* iptables does not control multiple IPs; it's the firewalling software. It controls what passes through the two NIC cards. It's a subtle distinction. You create a shell script to do the firewall using iptables. You can also find programs that will write this script for you. DISABLE everything you don't use! If it's not running, someone can't exploit a hole in it.
* For your web server software, decide what features you need and pick accordingly. Boa is much faster than Apache but doesn't have all the fancy (and slow) features. You know what you want better than us. You can have multiple web sites on an IP using Apache but it's not 100% perfect. You can also have multiple virtual IP addresses on a network card if your ISP allows it. If you're hosting a web site you probably should consider paying someone to do the DNS for you. They can set up multiple servers and they can worry about the security risks.
* bind (the DNS software) has been very poor security-wise in the past. I put a separate box together that booted a mini Linux distro with ONLY bind running on it. This required only a floppy disk and a 100 MHz p2 clone. They could break in, but with only a write-protected floppy on that machine, who cares?
* You need Samba to do file sharing to Windows.
* You probably want PuTTY on the Windows boxes and sshd on the Gentoo box to remotely control the router. There are some web-based control panels but I don't believe any of them control everything on the box.
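
The firewall shell script and the NAT setup discussed in the replies above, as an added example that is not part of any post in this thread: it prints a default-deny ruleset in iptables-restore format for the two-NIC router, with masquerading for the machines behind the switch. The interface roles (eth0 upstream, eth1 to the switch), the 192.168.0.0/24 subnet, the published port list and SSH being accepted only from the switch side are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed: eth0 faces upstream, eth1 the
# switch, 192.168.0.0/24 behind the switch, SSH accepted from the switch side only.

# Succeed only for a decimal TCP port in 1..65535.
valid_port() {
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_ruleset UPSTREAM_IF SWITCH_IF SWITCH_NET PORTS
# Prints iptables-restore input on stdout; changes nothing on the system.
gen_ruleset() {
    up_if=$1; sw_if=$2; sw_net=$3; ports=$4
    # Validate every port first so a typo never yields a partial ruleset.
    old_ifs=$IFS; IFS=,
    for p in $ports; do
        valid_port "$p" || { IFS=$old_ifs; echo "bad port: $p" >&2; return 1; }
    done
    IFS=$old_ifs
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $sw_net -o $up_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $sw_if -s $sw_net -p tcp --dport 22 -j ACCEPT
EOF
    # Only the listed services are reachable from upstream; all else hits DROP.
    IFS=,
    for p in $ports; do
        echo "-A INPUT -i $up_if -p tcp --dport $p -j ACCEPT"
    done
    IFS=$old_ifs
    cat <<EOF
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $sw_if -o $up_if -s $sw_net -j ACCEPT
COMMIT
EOF
}

# Print a ruleset when called with the four arguments.
if [ "$#" -eq 4 ]; then gen_ruleset "$@"; fi
```

As root, `gen_ruleset eth0 eth1 192.168.0.0/24 21,25,80 | iptables-restore` loads the ruleset in one step; forwarding between the NICs additionally needs `net.ipv4.ip_forward=1`.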