Re: network gateway with a foreign IP address

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



max wrote:
Claude Jones wrote:
On Sat April 12 2008, John Cornelius wrote:
I gather that it's simply a case of you moving from direct connection to
the Internet to a connection that's behind your Cisco router. I further
presume that the (nominal) 70.x.x.120 address belongs to the Cisco. In
that case you probably don't want to do what you propose.


Thanks for your thoughts, and yes, your surmising is correct

Your box should be set up on the internal LAN subnet in the normal way.
All of the interesting configuration should be done on the Cisco router
by setting up source and destination NAT so that internet traffic on
specific ports addressed to the Cisco are routed to your box and
responses are automatically routed back through the Cisco to their
destination.


I viscerally believe you're correct, here - else why is this the way this is universally done, but I sure could use some better technically grounded expertise in the whys and wherefores

Trying to deal with this issue from inside the LAN rather than in the
router will most likely lead to frustration since whatever you do will
be fragile and probably break often if it works at all.

This is where I need better argumentation...if you can help, it would be appreciated. Specific examples of why it's a bad idea, security problems that could occur, other issues...unfortunately, this configuration has been handed to me, it's not my idea, so I need to understand what's wrong with it and be able to offer sound arguments for the more conventional approach, if there's is a really sound technical reason for not doing it this way. I'm also dealing with the fact that another Linux box, a mail server, has been moved on to this new FIOS lan and configured using the hack that I cited in my original post, and is working quite nicely - unfortunately, I don't clearly understand how to implement that hack on Fedora, but, I'm getting the "if Jack could do this with his Debian box, why can't you with your Fedora?"....

I saw a video once, world's most unbelievable videos or some such, of a guy who's chute failed to open. The camera tracked all the way down, this guy jumped right up and started running around shouting "I'm alive" . Lucky bastard. Soft marshy ground saved his ass. Most people who have a chute that fails to open don't usually survive. That's in case you can't make a technical argument or more likely even if you can it sounds like it will fail because the other people are already convinced it should work out ok. Personally I can't make the technical argument against....yet but it sure doesn't sound right. I have worked to very limited degree with Cisco routers but you can do alot of config in there and as others have pointed out the box on LAN should be oblivious to what the router does anyway.

Good Luck,

Max
Couldn't follow the original posted link either, hopefully it will pull up later so I can see what the hell it says.

Max

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux