spo071397
asked on
Not IP aliasing and not IP masquerading but mapping??
As a result of switching internet service providers, I
need to change IP addresses. Rather than switching the IP
addresses on 140 or so machines, I would like to have my
Linux firewall (or perhaps my Ascend Max router) map my old
IP addresses to the new ones as packets go through the
firewall.
This is not IP aliasing, giving one interface more
than one IP address. Nor is it masquerading, hiding
the internal network from the internet. I still want
the web, DNS, and mail servers to be accessible.
Any ideas?
need to change IP addresses. Rather than switching the IP
addresses on 140 or so machines, I would like to have my
Linux firewall (or perhaps my Ascend Max router) map my old
IP addresses to the new ones as packets go through the
firewall.
This is not IP aliasing, giving one interface more
than one IP address. Nor is it masquerading, hiding
the internal network from the internet. I still want
the web, DNS, and mail servers to be accessible.
Any ideas?
ASKER
DHCP is not an option. Few of the machines on the
LAN support it.
LAN support it.
What operating systems support TCP/IP and NOT DHCP ?
Hy,
oh, i forgot, with IP masquerading you can of course do web, DNS, Mail, Ftp etc. You thaught you couldn't do that ?
by
oh, i forgot, with IP masquerading you can of course do web, DNS, Mail, Ftp etc. You thaught you couldn't do that ?
by
ASKER
To the first question:
SunOS 4.x, IRIX 5.3, HPUX10.20, OSF3.2, VMS.
Solaris 5.5 might support client DHCP, (any one of them
could be the the DHCP server of course) but that
would involve a major reconfiguration, which is what
I'm trying to avoid.
As to the second question:
With masquerading, the firewall can handle all of those
requests (DNS, HTTP etc.). But I already have machines
on the LAN that can handle those requests. I don't want
to hide those machines from the internet.
SunOS 4.x, IRIX 5.3, HPUX10.20, OSF3.2, VMS.
Solaris 5.5 might support client DHCP, (any one of them
could be the the DHCP server of course) but that
would involve a major reconfiguration, which is what
I'm trying to avoid.
As to the second question:
With masquerading, the firewall can handle all of those
requests (DNS, HTTP etc.). But I already have machines
on the LAN that can handle those requests. I don't want
to hide those machines from the internet.
You want NAT.
NAT in software is curently not available for Linux, AFAIK, but I have heard it may be under development.
Otherwise, you need a router that will do NAT for you, I know many CISCO's do it, I'm not sure about the Ascend Max.
NAT in software is curently not available for Linux, AFAIK, but I have heard it may be under development.
Otherwise, you need a router that will do NAT for you, I know many CISCO's do it, I'm not sure about the Ascend Max.
Hy, me again :^)
well, have you tried bootP ?
Byby.
well, have you tried bootP ?
Byby.
ASKER
No. Again, this would involve reconfiguring lots
of machines in order to use it.
of machines in order to use it.
IP masquerading will do what you want. I have it set up this at home. I have 5 PCs at home. One runs Linux with IP masquerading and the others run DOS, Win3.11, and Win95. The Linux box has two ethernet cards - one is connected to the rest of my PCs and the other connects to my ISP through a cable modem. I am using 10.x.x.x addresses on my internal network and an ISP-provided IP address on the interface that connects to my cable modem.
In your case, you could keep all your current IP addresses on all of your internal machines as long as you use the correct address on the interface that goes to your ISP.
I can run mail, news, and web browsers from any of my PCs with no problem at all.
In your case, you could keep all your current IP addresses on all of your internal machines as long as you use the correct address on the interface that goes to your ISP.
I can run mail, news, and web browsers from any of my PCs with no problem at all.
ASKER
But I want to keep my web and mail servers
accessible from the internet. (Not external
servers accessible from the internal LAN.)
For example, currently my mail server is 205.158.205.11
In the future it will be 207.247.82.11
I just want some way of doing the translation in the
gateway/firewall on the fly.
Sauron's comment led me to some dedicated PC software
packages (i.e. doesn't run on Linux, but DOS.), and
one smaller piece of hardware that I haven't had a chance
to look into yet.
accessible from the internet. (Not external
servers accessible from the internal LAN.)
For example, currently my mail server is 205.158.205.11
In the future it will be 207.247.82.11
I just want some way of doing the translation in the
gateway/firewall on the fly.
Sauron's comment led me to some dedicated PC software
packages (i.e. doesn't run on Linux, but DOS.), and
one smaller piece of hardware that I haven't had a chance
to look into yet.
Ok, so if you can't use IP aliasing nor masquerading nor bootP, nor DHCP nor NAT (it doesn't exist on linux) and don't want to have many reconfiguration on your 140 clients, well my response is : "what you want is simply impossible".
So long.
So long.
ASKER
That's what I was afraid of.
And trying to hack the kernel to do what I want
would probably be more work than just switching
IP adddresses on all the machines.
And trying to hack the kernel to do what I want
would probably be more work than just switching
IP adddresses on all the machines.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This is very interesting! I'm not exactly sure how
this would be used to implement what I requested.
I'm pretty much resolved to reconfiguring all my
machines.
I do have to give you points for creativity.
this would be used to implement what I requested.
I'm pretty much resolved to reconfiguring all my
machines.
I do have to give you points for creativity.
well very simple, use dhcp to assign IP adress to your workstation. Like anyone should use when having more than 2 pc to manage......
Byby.