DMZ on the same box as network router
Hi,
I have a slightly tortuous networking problem. My ADSL broadband connection comes into my house in the ground floor front room. The office is in the back top floor bedroom. I currently have a hardware ADSL wireless router connected to the phone socket in the front room that links up to the back bedroom. From there, I have a wireless card in the back of one Linux box. The link operates on the 192.168.1.0/24 network.
I also have two other machines plugged into the back of the Linux box via cross-over LAN cables. These machines work on the 192.168.0.0/24 network. The Linux box routes packets between the two networks to give internet access to all machines. The ADSL router is using NAT to connect to the internet.
However, I have (at another location) another Linux box which acts as an ADSL router/server. This box, apart from running a NAT ADSL routing service to the simple network behind it, runs things like my webserver, ftp, DNS, mail etc etc. This network is soon to be closing down though.
Since this other Linux box is old, I'm interested in using the Linux box (i.e. the one with the wireless card) to provide all the web services that the 'other' Linux box currently supplies. Since it runs so many services, it seems silly to implement destination NAT on each service on my hardware ADSL router. Thus, I'm keen to put the web services in some kind of demilitarised zone (DMZ) in order to allow the box to manage its own firewalling etc.
What is the best way to do this bearing in mind that this Linux box also acts as the network router? Could I alias the wireless card with another IP that can be used for the DMZ? Is it sensible to use the box for the DMZ? Essentially, I want the one Linux box to act as an internal network router, but also as an external server - is this possible?
Any ideas very gratefully received!
Chris
--
Do I even make sense?