LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-19-2003, 06:53 AM   #1
Unseen
Member
 
Registered: Feb 2003
Distribution: debian
Posts: 56

Rep: Reputation: 15
Sharing two public IPs.


I've got an easy networking question that seems to be baffling me.

I've got a home LAN that is currently set up to share one public IP. I recently purchased another IP address and can't really figure out a way to network everything together.

The machine I use to share my current IP is called tinyserv. Tinyserv is a debian machine running iptables, and has two network cards, one for the external (public IP), and the other that goes to the internal LAN. Everything is routed across fine.

In order to add another public IP, will I need to add another network card to tinyserv and connect it to the machine I want to have the public IP?

Another option might be connecting my second server to the LAN and having everything destined for the public ip address routed to it, but I'm not sure how to set this up.

I don't need to masquerade or anything through the other machine, I just want everything for the new public IP to be routed directly to it.

Any ideas?
 
Old 03-19-2003, 04:48 PM   #2
Blindsight
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 234

Rep: Reputation: 30
iptables is your friend

You can do this with iptables. Look at the iptables HOWTO on www.tldp.org. You can probably accomplish this with one firewalling rule. Hint: FORWARD
 
Old 03-20-2003, 06:53 AM   #3
Burke
Member
 
Registered: Dec 2002
Location: Virginia, USA
Posts: 131

Rep: Reputation: 15
Seems like most of the stuff I'm finding there applies to IPFW and IPCHAINS... IPTABLES docs seem to be in the works.

But, these are useful:
Setting up IP Aliasing on A Linux Machine Mini-HOWTO

Last edited by Burke; 03-20-2003 at 07:04 AM.
 
Old 03-20-2003, 07:27 AM   #4
Blindsight
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 234

Rep: Reputation: 30
iptables HOWTO

a quick google search reveals:

http://www.linuxguruz.org/iptables/h...les-HOWTO.html
 
Old 03-20-2003, 08:52 AM   #5
Unseen
Member
 
Registered: Feb 2003
Distribution: debian
Posts: 56

Original Poster
Rep: Reputation: 15
Sorry, I'm probably retarded because I'm really new to a lot of the terminology in the iptables documentation, but I'm having problem relating the forwarding to my situation on multiple public IPs.

I did read something about aliasing the network card that has the public IP on it to have two IP's, is that not a good idea? I could then route everything coming into that IP over to an internal machine.

Blindsight, if I were to use forwarding, how woud the IPs be set up? Maybe that would make things clearer for me.

For example:

INTERNET <-------> Public IP on ETH0 on tinyserv, which forwards currently on as follows:

LAN IP (192.168.1.1) ETH1 on tinyserv <-----> ETH0 (192.168.1.100) on internal only computer #1
" <------> ETH0 (192.168.1.101) on internal only computer #2
" <------> ETH0 (192.168.1.102) on internal only computer #3
" <------> ETH0 (192.168.1.103) on internal only computer #4
...etc, until (my question):
" <------> ETH0 (public IP? or should this be LAN IP?) second server that I want to receive public IP #2 input.
 
Old 03-20-2003, 11:24 AM   #6
Blindsight
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 234

Rep: Reputation: 30
NAT

Alright, what you want to do is this... setup a forwarding rule that says all incoming traffic destined for <public IP #2> is forwarded to internal IP 192.168.xxx.yyy.

To do this, you would need to subinterface. This means..
ifconfig eth0.0 <public IP #1> netmask <netmask>
ifconfig eth0.1 <public IP #2> netmask <netmask>

You may need to masquerade that?

Here's an excellent HOWTO on NAT'ing with iptables. I may need to read this one myself when I get a chance, I've been outta the game for a while.

http://www.mandrakesecure.net/en/docs/HOWTO/NAT-HOWTO/

You'll learn more researching this yourself then if I were to say "type iptables -I Forward -s 192.168.0.0/24 -d...".

Happy Hacking.
 
Old 03-20-2003, 11:28 AM   #7
dsltech
Member
 
Registered: Mar 2003
Distribution: mandrake 9, of course
Posts: 31

Rep: Reputation: 15
you can always use

http://www.bbiagent.net

for you newbies out there.....it works for me. im still trying to grasp the full feel of linux myself, and this program made it easy to use both my windows machines and my two linux boxes
 
Old 03-20-2003, 11:38 AM   #8
Blindsight
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 234

Rep: Reputation: 30
bbiwhatever

That BBI program is *not* what you want to run on your workstations. That's intended to be a router (and do what your 'tinyserv' is doing now).

By the way, the iptables rules mentioned in my previous post will be applied to your tinyserv.

By the way, you're not retarded. We all had to start somewhere.
 
Old 03-20-2003, 01:17 PM   #9
Unseen
Member
 
Registered: Feb 2003
Distribution: debian
Posts: 56

Original Poster
Rep: Reputation: 15
Thanks for the help, Blindsight!

That pointed me in the right direction! Woohoo!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
NAT + public IPS (+ firestarter) Stefan Pantiru Linux - Networking 2 05-17-2005 05:43 AM
Router with multiple public IPs Neodymium Linux - Newbie 1 04-13-2004 06:39 PM
Firewall - filter for public IPs caremaker Linux - Networking 6 01-09-2004 12:17 PM
2 live/public ips for single NIC ehpserver Linux - Networking 3 10-08-2003 07:00 PM
Public IPs behind router Buzer Linux - Networking 2 09-20-2003 01:36 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration