Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: tlug: More IP addresses



On Wed, 9 Dec 1998, Uva Coder wrote:

> On Date: Tue, 8 Dec Renaud wrote:
> 
> >I need more IP addresses than I have.
> >
> >Masquerading sounds good to me, but someone told me that running a Proxy
> >server would do the "same". Is that true? I couldn't figure this out in the
> >documentation.
> 
> Yes, in theory they can, but I have not seen any proxy servers that do the
> equivalent to IP masquerading. IP masquerading is generally mimicked with
> firewall software and dhcp or a
> proxy server software and dhcp in the private sector.
> 
> The major difference with IP Masquerading and proxy servers in general is as
> follows:
> 
> IP masquerading translates IP addresses only. If a client computer on a
> intranet goes through a
> masquerading machine, the client`s IP packets are restamped at the
> masqeurading computer then
> sent to the internet. Additionally, if the masquerading machine has all
> services (inetd) turned off, the client will still be able to connect to the
> internet.
> 
> Proxy servers translate tcp or udp services on behalf of a client computer
> or network. The client`s IP packets are relayed to the proxy server`s own
> services. So if services in the inetd.conf are disabled in the proxy server,
> the client will not be able to connect to the internet.
> 
> I would recommend ip masquerading over a proxy server with dhcp. IP
> masquerading is quicker.

You can, however, use ipfwadm/ipchains on the masquerade server to limit
which services are accessible from the masqueraded clients.  I did this
here at PHT to prevent people from exporting their X displays through the
masquerade gateway :)

--------------------------------------------------
Scott M. Stone <sstone@example.com, sstone@example.com>
Head of TurboLinux Development/Systems Administrator
Pacific HiTech, Inc (USA) / Pacific HiTech, KK (Japan)


------------------------------------------------------------------
Next Technical Meeting: 12 December, 12:30 at Temple Univ. Japan
*NEW LOCATION* a map is available at http://www.tuj.ac.jp/maps.html
Next Nomikai: 15 January 1999, 19:30 Tengu TokyoEkiMae 03-3275-3691
------------------------------------------------------------------
more info: http://tlug.linux.or.jp                     Sponsor: PHT


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links