Is it possible to use eth0 for both local and public network?
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
well if your having the pc to listen to internal and external addresses then one is plugged into the outside world (router, switch, modem) and the other is internal.
If you are running this system as a DNS server be careful.. DNS is naturally insecure so you will want to learn up on iptables as well.
if you are wanting this pc to handle internal DNS and external DNS i cant see why this would be a problem.
these "two ethernet cards" at the moment would both have a seperate IP.. so you pick one ethernet card to have one of the ip's etc etc
I would suggest that you probably dont need this to have two ethernet cards unless its a gateway pc. you can set up port forwarding etc from your gateway pc to manage DNS requests from external.
OK, so let me make sure I understand. Currently I have one nic on the lan that is trying to listen to both public and private DNS traffic and that is considered insecure, right?
I did not want to set up a gateway, so how does this sound:
Add one new nic with a private ip listening to the 1-1 mapped public ip for DNS, web, etc...). change the current nic to a new private IP to handle any private traffice, but still not act as a gateway.
both nic's are STILL plugged into the same switch. Is that any more secure than my first idea?
if so you are at risk of attack on ANY of your pcs.
I would suggest using this kind of setup (with a gateway)
INTERNET -- GATEWAY -- SWITCH -- LAN
This is not as hard and trying as it sounds...
Your gateway will run a firewall (iptables is my choice )
also u can run DHCP from it and DNS
I have a website for installing a good gateway PC so check it out.. the DNS i am not very good with BIND etc so your on your own (well plenty of other people out there :P)
Office, yea, well, it's not the best I admit, I'm just trying to use what I've been given to work with (three months ago). Maybe down the road I can add real security?
you will spend as much time working on what you are than you would do building a gateway
I strongly suggest even more so for a business... secure/private documents out there for everyone to see... if you arent the boss impress them with a security plan shows your there to help... get some evidence about what hackers can do www.grc.com is good
do a ShieldsUp scan from there of your system you will be sickened i promise... should management and you will make a good impression im sure.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.