Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] FTTH ISP recommendation
- Date: Sat, 09 Aug 2008 13:41:53 +0900
- From: Patrick Kellaher <kalmite@example.com>
- Subject: Re: [tlug] FTTH ISP recommendation
- References: <36ed13660808031833k5010ec4bj763eebfa6ee354b9@mail.gmail.com> <48966873.8000603@bebear.net> <36ed13660808032144p2af9dbc6gc96961a597e38632@mail.gmail.com> <20080804094700.GG10857@lucky.cynic.net> <4896FFF3.6070003@bebear.net> <48985D9C.1080301@gmail.com> <36ed13660808051737h7e30bd5br6e5fc5ea25f500d6@mail.gmail.com>
- User-agent: Thunderbird 2.0.0.16 (X11/20080724)
Quentin Arnaud wrote: >> I go through Asahi Net to get KDDI Hikari One Home course (not shared). >> >> For me the second NAT device (the Hikari One home gateway) isn't a >> problem and I use it as a DMZ. Anything I don't trust gets put under >> that network (home gateway has 4 usable switch ports after the WAN and >> LAN ethernet cables are attached. I have never tried to change anything >> on the home gateway as I can't read any of it. The only thing I have >> found not to work (with starting the connection on the inside) is the >> > > > Can you expand what you mean by using it as a DMZ ? If you haven't > changed anything then your computers behind the home gateway ip are in > the 192.168.0.x range. The problem comes if you want to have some > static mac address <-> ip relation or if you want to do portforwards > on the home gateway. Or maybe you found a secret switch in that case I > am all ears. > > You are correct, all my "DMZ'd" machines are still on the private IP space. I haven't bothered to translate the home gateway so I haven't messed with port forwarding or anything. By DMZ I simply mean a sectioned off area of my network that doesn't have any ability to talk to my internal network. A protected private network that can't be reached (via rules) from the outside. I place computers that have been comprised/infected that I am fixing in that section of my network. It really isn't like a true DMZ, but it is more like a 2-tier firewalled network. I just logged into the Aterm BL170HV I have and found that it appears fully capable of everything you need except maybe QoS, which is should be due to being used for VoIP and through Hikari One, TV. There is the ability to make a DMZ'd machine and enable full IP Packet filter rules with packet forwarding. I'm actually quite impressed. I would like to point out that it is entirely possible that will want to be careful opening up port 80 without redirecting elsewhere. Some people I work with tried to do this with a xDSL modem and found that their modem's web config page was visible from the outside rather than the web server they were trying to set up. The Aterm's interface looks very similar to the xDSL modem's. Pat
- References:
- [tlug] FTTH ISP recommendation
- From: Quentin Arnaud
- Re: [tlug] FTTH ISP recommendation
- From: Edward Middleton
- Re: [tlug] FTTH ISP recommendation
- From: Quentin Arnaud
- Re: [tlug] FTTH ISP recommendation
- From: Curt Sampson
- Re: [tlug] FTTH ISP recommendation
- From: Edward Middleton
- Re: [tlug] FTTH ISP recommendation
- From: Patrick Kellaher
- Re: [tlug] FTTH ISP recommendation
- From: Quentin Arnaud
- [tlug] FTTH ISP recommendation
- Prev by Date: Re: Shielding of CAT 6 cables (was Re: [tlug] FTTH ISP recommendation)
- Next by Date: [tlug] Advice on a new ThinkPad purchase
- Previous by thread: Re: [tlug] FTTH ISP recommendation
- Next by thread: Re: [tlug] FTTH ISP recommendation
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |