263 lines
11 KiB
HTML
263 lines
11 KiB
HTML
<!--startcut ======================================================= -->
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
|
|
<html>
|
|
<head>
|
|
<META NAME="generator" CONTENT="lgazmail v1.3D.k">
|
|
<TITLE>The Answer Guy 55: Getting Addresses Routed: Use IP Masquerading or Application Proxies</TITLE>
|
|
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
|
|
LINK="#3366FF" VLINK="#A000A0">
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<P> <hr>
|
|
<!-- *** BEGIN navbar *** :::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<p align="center">
|
|
<A HREF="../lg_bytes55.html"><IMG ALT="[ Prev ]"
|
|
SRC="../../gx/navbar/prev.jpg"
|
|
WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom" >
|
|
<A HREF="../index.html"><IMG ALT="[ Table of Contents ]"
|
|
SRC="../../gx/navbar/toc.jpg"
|
|
WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<A HREF="../../index.html"><IMG ALT="[ Front Page ]"
|
|
SRC="../../gx/navbar/frontpage.jpg"
|
|
WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<A HREF="../../faq/index.html"><IMG ALT="[ FAQ ]"
|
|
SRC="../../gx/navbar/faq.jpg"
|
|
WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg"
|
|
WIDTH="15" HEIGHT="45" ALIGN="bottom" >
|
|
<A HREF="../lg_tips55.html"><IMG ALT="[ Next ]"
|
|
SRC="../../gx/navbar/next.jpg"
|
|
WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<!-- *** END navbar *** :::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</p>
|
|
<P> <hr> <P>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<center>
|
|
<H1><A NAME="answer">
|
|
<img src="../../gx/dennis/qbubble.gif" alt="(?)"
|
|
border="0" align="middle">
|
|
<font color="#B03060">The Answer Guy</font>
|
|
<img src="../../gx/dennis/bbubble.gif" alt="(!)"
|
|
border="0" align="middle">
|
|
</A></H1>
|
|
<BR>
|
|
<H4>By James T. Dennis,
|
|
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a><BR>
|
|
LinuxCare,
|
|
<A HREF="http://www.linuxcare.com/">http://www.linuxcare.com/</A>
|
|
</H4>
|
|
</center>
|
|
|
|
<p><hr><p>
|
|
<!-- endcut ======================================================= -->
|
|
<!-- begin 16 -->
|
|
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
|
|
height="50" width="60" alt="(?) " border="0"
|
|
>Getting Addresses Routed: Use IP Masquerading or Application Proxies</H3>
|
|
|
|
|
|
<p><strong>From Future Systems Today on Thu, 08 Jun 2000
|
|
</strong></p>
|
|
<!-- ::
|
|
Getting Addresses Routed: Use IP Masquerading or Application Proxies
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
:: -->
|
|
<P><STRONG>
|
|
ok, here it is... I have a suse linux 6.3 server that is using a cable
|
|
modem and has a static ip address from my isp which is 63.92.157.x. The
|
|
isp also is being used as my dns and gateway on my first nic on that
|
|
server. Everytime i change the ip address of my second nic to something
|
|
other than 63.92.157.x I have no internet connection. What should i do
|
|
or how do i trouble shoot this also i tried to connect my other ms pc's
|
|
through this box to the internet but since i am trying to go through the
|
|
ip address that the isp is giving me then i am getting a error message.
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
Is there a way to get internet access through my server which has the ip
|
|
address that the isp gave me and make it look like it is connecting
|
|
rather than a ip address that i gave a machine.
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
Thanks
|
|
Joe
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
(Short answer: use IP masquerading or SOCKS).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
What you're asking for is called "IP Masquerading" or "network
|
|
address translation" (NAT). Technically IP masquerading is a
|
|
particular form of network address/port translation.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
I've written about this on a number of occasions, and a
|
|
search on LG (<A HREF="http://www.linuxgazette.com/search.html"
|
|
>http://www.linuxgazette.com/search.html</A>) shows
|
|
over 120 matches on the phrase (ip;masq).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Here's a link to an LG article by Mark Nielsen and Andrew Byrd
|
|
"Private Networks and Roadrunner using IP Masquerading LG #51"
|
|
(<A HREF="http://www.linuxgazette.com/issue51/nielsen.html"
|
|
>http://www.linuxgazette.com/issue51/nielsen.html</A>) that's probably
|
|
just what you need to get started.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Also the <A HREF="http://www.linuxdoc.org/">LDP</A> (Linux Documentation Project) has a reasonably
|
|
up-to-date HOWTO on this topic:
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE><BLOCKQuote>
|
|
<A HREF="http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html"
|
|
>http://www.linuxdoc.org/HOWTO/IP-Masquerade-HOWTO.html</A>
|
|
</BLOCKQuote></BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
... so you should read those and see if that explains it. (I can
|
|
understand why one wouldn't know the magic keywords for this
|
|
concept, and thus wouldn't have been able to find this).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
If you get stuck on some of the assumptions that these articles and
|
|
HOWTOs will make then you might want to read my article on "Routing
|
|
and Subnetting 101"
|
|
(<A HREF="http://www.linuxgazette.com/issue36/tag/a.html"
|
|
>http://www.linuxgazette.com/issue36/tag/a.html</A>) which goes into
|
|
related topics in some detail.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Keep in mind that you could also configure your Linux box as a
|
|
"proxy" server (more formally it could be an "applications level
|
|
proxy"). In this case your other machines never talk "directly" to
|
|
the Internet, but the applications talk to a "proxy"
|
|
application/server on your router (your Linux box). That proxy
|
|
then performs the Internet requests on behalf of your applications
|
|
and relays the results back to you.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
There are many freely available proxy packages for Linux including
|
|
NEC Socks 5, Dante, Delegate (all using the SOCKS standards), and
|
|
specific proxies for specific applications (like squid which is a
|
|
caching proxy). You could do a search on "proxy" or
|
|
"applications;proxy" to read more about that.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
The reason that IP masquerading has become somewhat more common and
|
|
popular than applications proxying is that it is more transparent.
|
|
When using applications proxying you have to configure each system
|
|
and many individual applications to use the proxy. On the other
|
|
hand proxying is technically a better, cleaner and probably more
|
|
secure way to build a good network.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
In either case you should be sure that you don't pick addresses
|
|
"out of the blue." There are sets of addresses that are reserved
|
|
for use behind proxying and IP masquerading firewalls and routers,
|
|
and on other "disconnected" networks (those that will never
|
|
interconnect to the Internet). Those are defined in RFC 1918.
|
|
(RFCs are "request for comment" documents; proposals to the
|
|
corpus of the Internet about how things should be done. They
|
|
are basically drafts that become Internet standards).
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
RFC 1918 basically assures us that the IANA (Internet assigned
|
|
numbers authority) and its delegates (like ARIN, the American
|
|
Registry for Internet Numbers) will never issue the following
|
|
address blocks to any organization on the Internet:
|
|
</BLOCKQUOTE>
|
|
|
|
<blockquote><pre> 192.168.*.*
|
|
172.16.*.* through 172.31.*.*
|
|
10.*.*.*
|
|
</pre></blockquote>
|
|
<BLOCKQUOTE>
|
|
So those are available for use on "disconnected" networks.
|
|
(This also explains by most examples in textbooks and online
|
|
technical discussions about IP use the 10.* and 192.168.*
|
|
address ranges; most people don't remember the 172.... Class B
|
|
set).
|
|
</BLOCKQUOTE>
|
|
|
|
<!-- end 16 -->
|
|
<!--startcut ======================================================= -->
|
|
<P> <hr> </p>
|
|
<H5 align="center"><a href="http://www.linuxgazette.com/copying.html"
|
|
>Copyright ©</a> 2000, James T. Dennis
|
|
<BR>Published in <I>The Linux Gazette</I> Issue 55 July 2000</H5>
|
|
<H6 ALIGN="center">HTML transformation by
|
|
<A HREF="mailto:star@tuxtops.com">Heather Stern</a> of
|
|
Tuxtops, Inc.,
|
|
<A HREF="http://www.tuxtops.com/">http://www.tuxtops.com/</A>
|
|
</H6>
|
|
<P> <hr>
|
|
<!-- begin tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<p align="center">
|
|
<table width="100%" border="0"><tr>
|
|
<td align="right" valign="center"
|
|
><IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="middle" border="0">
|
|
<A HREF="../lg_answer55.html"
|
|
><IMG SRC="../../gx/dennis/answertoc.jpg" align="middle"
|
|
ALT="[ Answer Guy Current Index ]" border="0"></A></td>
|
|
<td align="center" valign="center"><A HREF="../lg_answer55.html#greeting"><img align="middle"
|
|
src="../../gx/dennis/smily.gif" alt="greetings" border="0"></A>
|
|
<A HREF="1.html">1</A>
|
|
<A HREF="2.html">2</A>
|
|
<A HREF="3.html">3</A>
|
|
<A HREF="4.html">4</A>
|
|
<A HREF="5.html">5</A>
|
|
<A HREF="6.html">6</A>
|
|
<A HREF="7.html">7</A>
|
|
<A HREF="8.html">8</A>
|
|
<A HREF="9.html">9</A>
|
|
<A HREF="10.html">10</A>
|
|
<A HREF="11.html">11</A>
|
|
<A HREF="12.html">12</A>
|
|
<A HREF="13.html">13</A>
|
|
<br>
|
|
<A HREF="14.html">14</A>
|
|
<A HREF="15.html">15</A>
|
|
<A HREF="16.html">16</A>
|
|
<A HREF="17.html">17</A>
|
|
<A HREF="18.html">18</A>
|
|
<A HREF="19.html">19</A>
|
|
<A HREF="20.html">20</A>
|
|
<A HREF="21.html">21</A>
|
|
<A HREF="22.html">22</A>
|
|
</td>
|
|
<td align="left" valign="center"><A HREF="../../tag/kb.html"
|
|
><IMG SRC="../../gx/dennis/answerpast.jpg" align="middle"
|
|
ALT="[ Index of Past Answers ]" border="0"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg" align="middle"
|
|
WIDTH="14" HEIGHT="45" BORDER="0"></td></tr></table>
|
|
</p>
|
|
<!-- end tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<P> <hr>
|
|
<!-- *** BEGIN navbar *** :::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<p align="center">
|
|
<A HREF="../lg_bytes55.html"><IMG ALT="[ Prev ]"
|
|
SRC="../../gx/navbar/prev.jpg"
|
|
WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom" >
|
|
<A HREF="../index.html"><IMG ALT="[ Table of Contents ]"
|
|
SRC="../../gx/navbar/toc.jpg"
|
|
WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<A HREF="../../index.html"><IMG ALT="[ Front Page ]"
|
|
SRC="../../gx/navbar/frontpage.jpg"
|
|
WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<A HREF="../../faq/index.html"><IMG ALT="[ FAQ ]"
|
|
SRC="../../gx/navbar/faq.jpg"
|
|
WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg"
|
|
WIDTH="15" HEIGHT="45" ALIGN="bottom" >
|
|
<A HREF="../lg_tips55.html"><IMG ALT="[ Next ]"
|
|
SRC="../../gx/navbar/next.jpg"
|
|
WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A>
|
|
<!-- *** END navbar *** :::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</p>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</BODY></HTML>
|
|
<!--endcut ========================================================= -->
|