Re: NAT and static addresses in one physical ethernet network

On Tue, 13 Dec 2005, in the Usenet newsgroup comp.os.linux.networking,
in article <dnn7ku$u4$1@xxxxxxxxxxxxxxxxxxxxx>, Chris Morley wrote:

>I will be shortly getting DSL with a 8 static IP address block. I
>believe this gives me 5 useable IP addresses, this is fine as I only
>want 5 addresses anyway for running servers etc, however there are more
>than 5 pc's in the house.

Discuss it with your provider. If you are getting a _subnet_ assignment,
then this is the case (network address, broadcast, router, and five hosts).
On the other hand, you might be getting eight addresses out of a block of
unspecified size - perhaps a /24 or larger. The gateway, network and
broadcast addresses will not be part of your block of eight.

>These other pc's are for general use and do not require any fancy tricks...
>ideally I would like to use NAT for these. the only trouble is I'm no
>networking expert!

That's why the Linux HOWTOs exist. The one you want is

-rw-rw-r-- 1 gferg ldp 703560 May 23 08:22 IP-Masquerade-HOWTO

>I will be running a Linux router, with ADSL card and one Ethernet interface
>which will then spur off to the switch and other PCs. The router is a
>mini-itx machine so I don't have any other space for a second Ethernet card.

That's going to be a problem then.

>So to my question, is there any way that I can run both static addresses and
NAT through the one eth0 interface?

RFC1855 recommends reading a news group for a month before posting. No one
does any more, but if you had looked at this group for the past week, you'd
find a thread titled "subnets and subnetting" where this has been hashed out
is quite a lot of detail. Short answer - you can't do it. IF your router
doesn't filter off the 192.168.x.x network, your ISP is also going to be
unhappy with you contaminating their network with RFC1918 packets.

>Hopefully that would work, and let me run my static machines and let people
>plug computers into the switch who would in turn be assigned a dynamic
>addresses on the different subnet... even though its running on the same
>Ethernet switch.

As long as your dynamic boxes on the other address range NEVER wanted to
talk to the world - this would work. Otherwise, no.

>Is this along the right tracks?

A solution would be to sacrifice one of your real addresses to another
computer that does the masquerading with two NICs. If you need that
address for Internet use, port forward it so a host on the 192.168.x.x
net (or less desirable, add a masquerading function to one of your
servers and let it ALSO route to your 192.168.x.x net).

Old guy
.

Relevant Pages

  • Re: SBS multiple local subnets... routing ?
    ... Well the result will be a single subnet and a server with 3 disabled NIC's. ... I played also with the network teaming, but it seemed to fail miserably. ... Why is SBS so useless at being a router? ... pls update this thread when you have purchased a switch so we can see the result. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN over wireless
    ... Support with a Cisco Switch it would work. ... on my network - and no success. ... You will still the need the Router to issue DHCP and ...
    (microsoft.public.windows.server.sbs)
  • RE: Active Directory New Site
    ... The internal uplink to the router would be on your 192.168.16.0/24 network ... Would it be as simple as putting the router between the existing switch, ... The piece of equipment you are missing is a router to get you from one ...
    (microsoft.public.windows.server.active_directory)