Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
We have a ftp server which is running on public ip and out side of firewall.
Users out side of our network and users of our local network both using the same public ip and doing upload and downloading.
Last few days we are facing bandwidth problem as internal network users increased.
We want setup ftp server with 2 ips as follows.
Internal users will use private IP
users out side network will use public Ip.
Is there any procedure available to configure same machine with private and public ips.
Yes, either with 2 NICs or a second virtual IP address on the same NIC, but you shouldn't need to do this. The traffic from the LAN should be routed to your FTP server and not go out on the internet, except maybe for DNS traffic.
We have 2 nics in ftp server.If we assign private and public ip to each nic;then where should i put my ftp server that means behind firewall or out side of the firewall.
pls suggest me.
The ftp server should be in the DMZ. The computer or device with the two interfaces should be the firewall between the DMZ and the LAN.
The route table in the DMZ/LAN firewall will route LAN users to the FTP server. If you don't have a firewall between the DMZ zone and the internet, then you could have a second NIC for the internet connection.
We already have ftp server connected in DMZ which is having public ip assigned to one of its NIC to access internet.
If i give local lan ip (private ip) to another NIC,can local LAN people can access it by using private ip.
I want to setup local LAN users should do ftp by using private ip and internet users should do ftp using public ip.
is it possible.pls suggest me.
The firewall/router between the FTP server and the LAN can connect to the public interface. If you don't have the ftp server between two firewalls, then you could use a second NIC on the FTP server, and have an outside zone and dmz zone. The SuSE's firewall is configured like that. You indicate which zone a device belongs to (outer, inner or DMZ) and have different firewall rules for each zone. The FTP server should be locked down with it's own firewall in any case.
Ideally the FTP server is located between two firewalls. The DMZ would have a private IP network address, but different from the LAN private address. The part you may be missing is that the firewall/router between the DMZ and the LAN will route the traffic from the LAN hosts to the FTP server. The FTP server doesn't need a NIC with a LAN network address.
If you have a DNS for your LAN, then it could provide the IP address of your FTP server (the DMZ IP address) and your ISP's DNS server wouldn't be consulted. Alternative, if you don't have a DNS server is to include the FTP server in every hosts /etc/hosts file. For small sized networks, the dnsmasq service looks very interesting. It uses it's own /etc/hosts file to serve up the IP addresses of hosts on the LAN, and relays requests for internet domains to a real DNS server.
So your LAN users would be using your FTP server's domain name (or nickname), which would resolve to a DMZ IP address, while Internet users would use the FTP servers FQDN (fully qualified domain name) and use the Internet IP address to your router/firewall.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.