MASQD over PPP, but with 2 Valid IP's

Posted on 1998-01-29
Last Modified: 2010-03-18

I would like to set up a linux box with 2 valid ip's. the 1st ip would be for a network, and the 2nd would be routed to a Linux or NT Box( over a network card. Can this be done? Will Routing the 2nd ip to the linux/nt box conflict with the network?

here is a diagram:

            | ISP   |
      ISDN      []
            [](ppp0 with a valide class C IP)
      |Linux  Box  |
MASQ NIC  []      [] 2nd NIC With a valid Class C (eth1)      []
            |Linux or NT Masqd box|(

is this possible?


Question by:screen

Accepted Solution

sauron earned 100 total points
Comment Utility
Yes, it's possible. I'm not clear on exactly what you want from your post, but you can set this sort of thing up. You can have a Linux box, with 2 NIC's, and for example give them and as addresses. You set the subnet mask for both to, and you can route between the two cards by simply enabling routing in the kernel. Then, you can add a ppp device, and use a valid class C from your ISP on this.

You then compile masquerading support into the kernel, and you use the firewalling rules to specify the masquerade policy, so you can specify that packets from the network are masqueraded, but packets from the network are not, or are blocked, or whatever you like.

This is all set up using ipfwadm rules. You'd probably also want dial on demand support, recent versions of pppd support this, but you might also want to look into diald, which can be found at

though it seems to be down at the moment.


Author Comment

Comment Utility
yea But What about 2 valide class C's? What i need is 2 webservers (port 80), each on their 192.168.x.0 network. The Router would route(or in this case port forward) the 1st ip to, and the 2nd ip to

now ppp0 has 1 ip(in this case an ISDN line), howdo i "mount" the 2nd IP.

I think i can use IPFWADM to control which MASQD packet's goes to.


Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now