On Thu, 2009-04-02 at 15:48 +1030, Tim wrote: > On Thu, 2009-04-02 at 11:56 +1100, Simon Slater wrote: > > When a firewall computer has 2 nics, they should be on separate > > subnets? Yes? > > That depends on how you want to use them. If the computer sits > *between* two networks, then yes. > Ok, go that. > > When an ISP dynamically assigns an ip address, is it associated with > > the dsl router, eth0 where it plugs in, or the ppp0 device that does the > > communicating? > > That depends on how you're using the modem/router. If you're using it > just as a modem, it's the computer network interface that gets assigned > the internet address, and the computer does the authentication (if any). > If you're using it as a router, the router's WAN interface deals with > the ISP. > This explains some of the inconsistencies that I've been seeing. So I'll settle on using it just as a modem and the computer for connecting until I finish tweaking the rest of the setup. > > So if eth1 goes to a lan and has its ip address configured in its > > ifcfg-eth1 and similarly eth0 on the wan side is configured to get its > > address from dhcp, is it the ISP's dhcp server that it needs to get the > > address from or the local dhcp server? > > The ISP's DHCP server doesn't *get* anything from you, it gives you > addresses that it wants you to use. > > > With respect to the ip address for configuration of the dsl router > > (defaults to 192.168.1.1 for this Linksys AG300), which subnet should it > > be on, the lan side or wan? > > That's a badly formulated question that's hard to understand. The fog of my confusion clouded my typing as well as my thinking. > But, > 192.168.1.1 is a private address range, it should only be used on LANs. > However, some cheapskate ISPs, which don't have enough public IPs give > all their customers private IP addresses, and they do NAT between the > internet and their customers. > I'll try again now I understand a bit more. To configure the Linksys AG300, which is physically connected to eth0, I point a browser to 192.168.1.1 (by default, but this can be changed) and configure whatever I need to. When I use the computer to connect to the ISP via the same eth0 and the ISP assigns me (at the moment) 210.84.25.73. Does this mean that I cannot configure the router because the ip's are now on different subnets? Then again, if used just as a modem, no real configuration is needed? > > Slightly more advanced: What are the pros and cons of using an ifup > > ppp0 command from the firewall computer to connect with the ISP versus > > connecting from within the dsl router itself? > > If the computer is directly connected, it has to do all the firewalling, > and sharing the internet with other computers. If you have a router in > between, it handles all the networking, and you don't have to have any > particular computers on to use the network. > I do want this computer to most of the work. Thanks a lot Tim, this is just the type of clarification I needed. Understanding this better is helping me get a handle on what is wrong in other areas, like my dnsmasq configuration, which I think stems from these issues. -- Regards, Simon Slater Registered Linux User #463789. Be counted at: http://counter.li.org/ -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
