From owner-freebsd-questions Sun Oct 27 21: 5:40 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 16CC837B401 for ; Sun, 27 Oct 2002 21:05:39 -0800 (PST)
Received: from hotmail.com (f28.sea2.hotmail.com [207.68.165.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id B268443E3B for ; Sun, 27 Oct 2002 21:05:38 -0800 (PST) (envelope-from prince_of_wands@hotmail.com)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 27 Oct 2002 21:05:38 -0800
Received: from 12.212.45.75 by sea2fd.sea2.hotmail.msn.com with HTTP; Mon, 28 Oct 2002 05:05:38 GMT
X-Originating-IP: [12.212.45.75]
From: "Kristin Guttormsen"
To: freebsd-questions@FreeBSD.ORG
Subject: Home network design
Date: Mon, 28 Oct 2002 05:05:38 +0000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID:
X-OriginalArrivalTime: 28 Oct 2002 05:05:38.0474 (UTC) FILETIME=[A7E690A0:01C27E3F]
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

I have been playing around with different configurations for my home network for some time, and while I have learned much of the specifics, I remain dissatisfied with my general concepts. I hope someone can offer some clarity to my designs, and then I should be able to solve the specifics (I hope) with time and study.

I have a cable connection through ATTBI (1-5 dynamic IPs available at $5/month apiece after the first, no truly static IPs). I have three registered domains (mynet1.net, mynet2.net, mynet3.net) and can work out dynamic DNS using available free resources.
I have 4 user PCs (win98se, nt4 workstation, win2k, winxp mix) that need constant connection, a networked PS2 (needed as I'm a beta tester), an occasional laptop connection needed (win2k or xp), and I'd like to be able to let 1-5 people drop in whenever for LAN parties. I also have 4 constant servers built (2 FreeBSD, 1 will be sol linux when it arrives, 1 Linux of oft changing flavor), and I also have one borrowed server which I'm currently using for my Novell training which may eventually join the network (undecided yet).

Network hardware currently available: 5 port switch, router w/ 4 port switch, 4 port hub, and I'm picking up an 8 port switch next week sometime.

I have 2 public websites to host and one which I use purely for testing and fun. I have had FTP, IRC, mail (only for my private domain, not the two others), NNTP, and a game server running publicly. I have remote storage (a private fileserver for friends (mostly mp3 and video)) and a MySQL server which are not for public use but which DO need to be fully accessible from any location (as well as desiring remote network management just for showing off).

I'd like to be moderately secure, although I'm not talking about Fortune 500 class sensitive material. If nothing else, I'm doing all this to broaden my skills and experience and have a little fun.

Where I start to break down is deciding what to do as far as how many IPs to get and where to assign them. Do I build a full DMZ, or use a 3rd NIC DMZ out of a firewall gateway, or just lump them all together? Should I run the servers each with the public IPs and share the private systems behind NAT, or the other way around, or should everything use NAT behind a single or maybe two public IPs? So far I've compiled about 11 different network designs but don't have enough knowledge to know the pros and cons each would present.

Can anyone suggest an appropriate physical layout and address scheme (and if anyone is feeling REALLY helpful, how they would break down the application load across the different machines (i.e. what services would play together nicely residing on the same server))?