Re: [Lug-Nuts] pac bell DSL

From: Daniel de Young (ddeyoung@jps.net)
Date: Tue Feb 22 2000 - 15:01:19 PST


OK...

Now I'm really aching to get off work and go try this out!!! Argghhh! Thanks
guys. I will be tinkering until the wee hours I'm sure :-) I have an extra
box I can use to route, but I was hoping to be able to secure one box really
tight to protect the network and seperate my lab boxes so I dont have to mess
with the network firewall much.

I was thinking of setting up the firewall with no services running (nothing
not needed) using Bastille on a minimum install. Then installing shh and setting
the firewall to only allow from the local net. Then setting up a second hardened
box with just shh running. The idea being that the firewall could only be reached
indirectly and to add another layer to the security. I've got the IPs and the
hardware. Anybody see a problem or consider it useless? why?

Daniel

>
>Yes. Its the same as using a crossover cable between the modem and the
>computer. It just lets you plug multiples in.
>
>Brian Lavender wrote:
>>
>> So, what you are saying is that you _can_ plug a switch into the Alcatel

>> (or whatever bridge) and plug all your machines into that switch?
>>
>> On Tue, Feb 22, 2000 at 01:44:29PM -0800, Mike Machado wrote:
>> > We use the exact same equipment that Pacbell uses for DSL (redback
>> > SMS's) and we BRIDGE to the 5 IP customers, since its such a small space

>> > we do not deal with routing. I am pretty sure you just plug your acetel

>> > into the switch and assign IP's to the gateway Pacbell gave you. Every

>> > machine on your network will all have the same gateway and netmask. If

>> > unsure, call pacbell :).
>> >
>> >
>> > Brian Lavender wrote:
>> > >
>> > > I believe you have to route those IP addresses. Since you got the
>> > > enhanced, you probably got the external Alcatel. That device is a
>> > > bridge. It has no address, but will "bridge" the data to your ethernet

>> > > card which does have an address. I don't think you can plug the wire

>> > > into a switch, because the packets won't know where to go. The router
on
>> > > Pacbell's side has no knowledge of you NIC cards MAC addresses that are

>> > > also plugged into the switch. So, you will have to plug the wire into

>> > > your Linux box into a NIC directly from the Alcatel. From there you have

>> > > several options. You can put multiple NICs in the machine. That machine

>> > > will be your gateway. You then can assign another NIC in that gateway

>> > > an IP address. That takes two of your IP's. Then you can run that wire

>> > > to your switch and you can have three other machines on that subnet
>> > > with the routable IPs. That's just one of your options. Other options

>> > > would be to Masquerade, or to alias all those IP's to the NIC that runs

>> > > between your box and the alcatel. Then you could forward traffic that

>> > > hits the routable NIC back into one of your boxes with a private IP.

>> > >
>> > > brian
>> > >
>> > > On Tue, Feb 22, 2000 at 08:15:51PM +0000, Daniel de Young wrote:
>> > > > Well I just had DSL installed.
>> > > >
>> > > > I haven't been back yet to check it out, but I had a question.
>> > > >
>> > > > I had the guy leave an external 'modem' (so I can use Linux). What
does this
>> > > > modem do? does it condition the signal to be split over the ADSL line?
 Do
>> > > > I plug the NIC into the modem?
>> > > >
>> > > > Also, I have 5 ip addresses... do I have to push 'all' traffic through
the machine
>> > > > with the modem installed? I wanted to run the DSL port into a switch
and then
>> > > > have each of the IPs on different machines without using any of them
as a network
>> > > > gateway. Is that out? :-)
>> > >
>> > > yes
>> > >
>> > > >
>> > > > Any suggestions from people that have been using DSL for awhile?
>> > > >
>> > > > Thanks,
>> > > >
>> > > > Daniel
>>
>> --
>> Brian Lavender
>> http://www.brie.com/brian/
>> **********************************************************
>> * Sacramento Linux Users Group Mailing List
>> *
>> * Unsubscribe: Send a message to majordomo@saclug.org
>> * With 'unsubscribe lug-nuts' in the body
>> *
>> * http://www.saclug.org
>
>--
>Mike Machado
>mike@innercite.com
>InnerCite
>Network Specialist
>**********************************************************
>* Sacramento Linux Users Group Mailing List
>*
>* Unsubscribe: Send a message to majordomo@saclug.org
>* With 'unsubscribe lug-nuts' in the body
>*
>* http://www.saclug.org
>
>
>
**********************************************************
* Sacramento Linux Users Group Mailing List
*
* Unsubscribe: Send a message to majordomo@saclug.org
* With 'unsubscribe lug-nuts' in the body
*
* http://www.saclug.org



This archive was generated by hypermail 2b29 : Fri Feb 25 2000 - 14:29:13 PST