Media-One Express, IP Masquerading
Rich Braun
richb at pioneer.ci.net
Wed Feb 11 13:17:34 EST 1998
Sean Chen wrote:
> Is this possible to do without having a separate card? The Linux FAQ from
> Media-One uses a setup of two cards in the Linux box plus the second machine.
> Seems to me that this is probably unnecessary? Although technically
> security-wise I know that is the Right Thing(tm), we don't have much
> inclination nor need for such firewalling.
If you hard-wire the IP addresses on the other machines (rather than
using DHCP locally), then you might be able to get by. Media One
apparently forbids running DHCP on the same Ethernet segment which is
attached to their cable box.
The issue has nothing to do with firewalls or security. The issue is
addressing and address translation. If you have only one IP address from
your provider and you want to run multiple machines, then you have to
either use address translation or a proxy server in order to provide
access beyond a single box. IP masquerading on Linux is the cleanest,
cheapest, and easiest way to do this. It is an address translation method.
-rich
More information about the Discuss
mailing list