Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm planning to setup a dmz on my smoothwall box but i'm confused on what IP range to use. I'm thinking [ correct me if i'm wrong ] of two options : first
1] red => dhcp from ISP
2] green => say 192.168.1.1
3] orange => say 192.168.2.1
second
1] red => static IP say 88.321.88.2
2] green=> say 192.168.1.1
3 ] orange => say 192.168.2.1 or 88.321.89.1
which option is best configuration for a web server / ftp server on dmz . All suggestions welcomed.
If I go Static on smoothwall do have to create all the routing procedure myself?
For the first option you will need to use one of the dynamic dns service companies and port forward into the dmz.
Most people have 1 static external number and use private numbers internally. This is Smoothwall's default configuration.
The routing is handled by the netmask you use.
If you have several static numbers, (more expensive), you can split the groups with a netmask so that the routing knows which interface to pass packets to.
You will need to manually alter the NAT/masquerading tables so that an external number in the dmz does not get changed to the red interface number.
Overall, it's easier with 1 static external number. eg
1] red => static IP say 88.321.88.2
2] green=> say 192.168.1.1
3 ] orange => say 192.168.2.1
Another question please bear with me.
Will class C IP range affect dns resolution to domain if someone else on the internet is using the same Ip address? say i use 192.168.8.9 with people.city.com then some else has the same address but different domain. Will it make no difference.
So that means if I want to have a webserver on my dmz i use internet address other than class A, B & C? If that is so then i must reconfigure my whole dmz network with internet new internet addresses. If that is true then i've messed my whole weekend.
No no,
as I said in my first post, It's overall easier to use a private address in the DMZ.
This is Smoothie's default...
For Smoothwall 1.0, port forward port 80 to the chosen ip number in the DMZ and add an external access for all ip's on port 80.
For Smoothwall 2 beta, just do the port forwarding.
You can give the web server any number in the ip range for the DMZ, so long as you port forward to it.
Saves having to have hundreds of expensive external numbers.
Phew i had thought on giving up on webserving idea. Though i have not changed my network yet i try it again. Thanks a lot for your help. Thank you so much.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.