
Re: network question - is this unusual?



Bill Davidsen wrote:
Daniel B. Thurman wrote:
Gerhard Magnus wrote:
I recently had to deal with my ISP about a connectivity problem that
turned out to be on their end. (The tech referred to linux as lie-nux
and insisted on doing everything in XP which I fortunately had
dual-booted.) But in the process of working through this it was
necessary for me to describe the way I'd set up my LAN here and he
seemed incredulous. This wouldn't bother me except that I've gotten this
reaction before from people in the outside world but never an
explanation. So I'm asking: is there something weird about this
structure? Is there some "better" or more standard setup?

The Actiontec DSL modem provided by Quest plugs into the phone
jack. The Actiontec is an older model with only one ethernet plug. Since
I have four boxes, two of which are dual booting Fedora and XP, I have
an ethernet cable connecting the modem to the DSL plug of a Linksys
router. I then have separate cables connecting the four outlets on the
router to each of the four boxes. (I did all this cabling at a time
before wireless routing was as available and cheap as it is today.)

Each of the six operating systems (4 linux and 2 XP) has a static IP
address and each has a firewall. I have NFS running on the linux
systems. There's another firewall on the router, which is currently
port-forwarding only ssh and torrent data from the outside world.

I thought I'd check this out before going further....

I have done this many times, as far back as I can remember
so I'd think it's pretty common.  I have found that some of
the first-line techs can be pretty clueless, so you could force
escalate to a higher level tech if you are not getting anywhere
or, do the research yourself.  Kind of hard to do without an
Internet connection ;)

My home system uses a Westell modem, in bridge mode,
and is hooked to a Trendnet 300Mb/s wireless router.

Drat.  Sometimes I screw up when writing.  The Wireless router
above is actually behind the firewall, is on the private LAN,
is on a private switch.

At another place, I have an ActionTec with Quest branding,
pretty azure/blue glow lights modem.  This one is wireless
but without the module and I declined the upgrade (cuz it was at
rip-off prices at the time) and got a better deal for an Airlink 150N
wireless router at sale prices.

As with both modems mentioned above, the setup is to set the
modems in "bridge" mode, which means all data is passed through
with no restrictions.  After that,  just hook up the Ethernet cable from
the modem to your (wireless) router's WAN connection.  What's left
then, is to configure the firewall settings on the router.

In bridge mode does your ISP see all the MAC
addresses directly and assign IPs?

ISP to Assign IP addresses, Yes.
ISP/DSL-Line sees ALL MAC addresses, No.

The FW router *might* expose its own MAC Address
but not the private LAN MAC addresses of systems/devices
behind the FW router.

The FW router's Static/Dynamic public IP address is exposed.
All/Some internal private systems' address gateway settings
point to the FW router in order to access the Internet.

I have been told by friends that the more typical thing is
that the modem (wireless + four wires mostly) has DHCP and
does NAT so everything takes but a single IP.

If the modem/(WiFi-)router also provides POTS jack, then true.
If you have multiple IP addresses, one is assigned to the FW
router, and the rest of the IP addresses are NAT assigned to
the private but "public" system(s) of interest.

My firewall makes sure that happens, my one ISP is a business
connection with static IPs rather than DHCP, but the other is
a telco, and I keep a low profile.

Ok.

This is the general setup I have:

    v[Different Domain name providers]
    v[Different Internet provider]
    v[Verizon(DSL-LINE-ONLY)]
ISP1-->Westell---->SonicWall-router-->switch--->PrivateLan
        ^             ^                     \->WLRouter
  [BRIDGE MODE] [Firewall Routers]
        v             v
    v[Different Domain name providers]
    v[Different Internet provider]
    v[Quest(DSL-LINE-ONLY)]
ISP2-->ActionTec-->AirLink-router---->switch--->PrivateLan


Hope this answers your questions!

