Date: Wed, 22 Nov 2000 20:19:20 -0600 (CST) From: Mike Meyer <mwm@mired.org> To: Kurtis Smith <ksscendyn@yahoo.com> Cc: questions@freebsd.org Subject: Re: 5 usable ip's two FreeBSD boxes.. Message-ID: <14876.32424.685746.322164@guru.mired.org> In-Reply-To: <71307415@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
Kurtis Smith <ksscendyn@yahoo.com> types: > Ok here is my delima... I have working now webserver, ftp, mailserver, and > DNS setup on one box. Now this box is a Dual Homed Host with 2 nics in it > also providing DHCP for the LAN. I have NAT Running on xl0 which is > connected to my ADSL with Pacbell. This provides me with 5 usable ip's > however I am only using one of them on xl0 interface. xl1 is providing > DHCP services as well has a Ip of 192.168.1.3. Now my second BSD box I > would like to have as a backup DNS as well as backup for the rest of the > services. Its ip is on the LAN 192.168.1.2. My question is how to make it > so it too can be seen as one of my Usable IP's so I can use this box for > say maybe other domains and mail services. Like a super Mini ISP for > friends family whatever. Main concern is Slave DNS for it. That's easy - move the second box to the other side of your firewall. This requires another hub, but will do the job. However, I'd recommending splitting the functionality differently. You have three categories of services: intranet - DHCP and anything else that your local LAN uses, but not the outside world; internet - Apache, and things the outside world talks to in general, whether or not your LAN boxes talk to it; and router - nat and possibly similar things. If put all the internet services on the second box, then someone breaking into it won't have access to traffic on your internal network. As a final note, you can probably get this to work with an ipfw rule along the lines: fwd <internal ip> ip from any to <external ip> but the security implications of putting an external web server inside your firewall are horrendous. <mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14876.32424.685746.322164>