Hi all, About servers in private network, could you all mention good points why servers should be put in private network. I must write down some reports about these, because during this week, i have new jobs maintaining new organisation that still put their servers in public ip range. I ve just moved several servers like mailserver,dns,web to private network. And soon all servers will be moved to the private network. Thanks. Regards, Rio Martin. Original Message: ----------------- From: Leigh Waldie lartc@xxxxxxxxxxxxxxxx Date: Wed, 25 Jun 2003 16:42:26 +0100 (BST) To: lartc@xxxxxxxxxxxxxxx Subject: Re: [LARTC] Linux router and Bandwidth control > Hi Joe, > > I see no real reason giving the servers real IP addresses, you're better > keeping the NAT and forward the ports to the private address. > If you have more than one mail server, you can map diffrent public IP > address > to a diffrent private address. this will also keep your servers safe... > Agreed this is of course the best way to secure lots of servers. And if you like the look of "wrr" as a qdisc, (and it does seem to have some very advanced features - such as the ability to "spot" large downloads and automatically decrease the available bandwidth for that connection for the duration of the download - although I could be wrong in my understanding of this) , then you can still use this qdisc with a NATing router, so have a look at their site anyway. The suggestion of a bridge was intended as a simple "no fuss" solution which can easily be bypassed in times of need - such as component failure - by simply taking the cable out of the bridge and plopping it straight back in the router. I was of course assuming that your "friends" would take care of their own security, thus removing the burden of you even telling them about the traffic shaping as well as preventing you from having to manage all their port forwarding requirements. I'm sure the whole business of traffic shaping is far too complicated for any one answer to be correct even one percent of the time so I accept that this answer may be useless for you. Good luck! Leigh -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ .
