5 DHCP addresses and 7 machines
 

Hi,

This one is weird - and not for the weary...

I got really lucky and signed with my local Time Warner Cable Modem office while they were still setting up. I have a great account with 5 IP addresses.

I love having the ability to use any two-way Internet service from any computer - consider AOL IM file sharing - which requires port 4443 mapped to a reachable IP address.

I am using IPFilter (ipf) to do router/firewalling - and have no problem using DHCP with my router and IP Masq (a.k.a. Network Address Translation) to run my other 6 computers through 1 IP address. (one for each child - a laptop for the wife - the rest are mine).

However, I want to have the best of BOTH worlds. I want to be able give Live IP addresses to my 3 or 4 user machines, and assign NAT to the other users. I currently have 2 NIC cards in my router - and because of the chassis- it would be expensive (US$200+) to put in another.

Anybody have any ideas? Can this be done - or is this a pipe dream?

OK don't get too offended by this because it's just a little pet peeve of mine but

They are just NICs, otherwise it would be a Network Interface Card Card which isn't the same as a PIN number (Personal Identification Number Number) that you would use at the ATM machine (Automated Teller Machine Machine) to access your IRA account (Individual Retirement Account Account)

Whew, ok now that I got that silly little pet peeve off my chest lets see what was he asking? OK...

I don't belive the linux kernel allows you to route some data through NAT and route other data straight through to an IP address, at least I know it doesn't do it if it's all going out through one network card. So at the very least you'd have to buy another NIC; I know some companies (Intel used to but may not anymore) sell dual port NICs. These are basically 2 NICs combined on one PCI card, but some of these can be quirky to say the least. I also know you can't use one IP on one side of your router and bridge some live IPs (in the same subnet) across while routing to other IPs (again, if they are all connected to the same NIC) that are on a different subnet.

Wow! That confused even me and I wrote it!

So at the very least you could find yourself a dual port NIC or blow the 200 bones for the case upgrade and probably pull it off with one NIC to the ISP, one to the NATted machines and one bridged to the public domain IP boxes and then try to figure out how to get a working firewall ruleset for said configuration. You would probably have to tinker with a firewall setup that worked with just the NATted boxes then rip that out and set up the bridge and find a firewall ruleset that worked with them then figure out how to combine those two rulesets without them conflicting.

But in theory it IS possible, anyone chime in if they have anything to add...

Darin - About your pet peave...
I thought that NIC card meant Network Interface Controller... card. Although I have been guilty of saying, "ATM Machine" - but for the courtesy of your own pet peave - insert "Money"
;)

According to your post, it sounds like I am thinking pipe dream... I'll start another post on a different approach.