Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


TCP/IP Networking Question

Posted on 2000-04-12
Medium Priority
Last Modified: 2013-11-29
I work in a building that is currently connected to the internet via a router we are being told that we cannot have TCP/IP networking on our machines because our company has run out of IP addresses for our machines.  Our current solution to the problem is that we use an instant internet box which has IPX/SPX winsock client on one side and its own IP address on the internet side of the box.  Is there no simple solution that allows us to use any IP addresses on our clients and have a box/machine that acts as a gateway to the internet?  I have a linux server running so if there is a software solution that could be sat on the server (the server becoming the a gateway via two network cards)
Question by:Steves2001
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 40

Expert Comment

ID: 2709029
To suggest the best solution I need to know how many "public" IP's could be allocated for the buildings use. If only one, then IPMasq/ipchains on a Linux box could be used to masquerade your entire building onto a single outside IP. If there is a block of IP's that could be used, ipfilter running on FreeBSD, OpenBSD or Solaris could be used for dynamic NAT.

Sounds like you organization needs to "re-design" their network and NAT everything using a private Class B or Class A.

Author Comment

ID: 2709423
The difficulty has been that we are a college in the UK who benefit from a link to a university who in turn links to JANET which inturn links to the internet.

Our main IP network is a subnet of the universities IP network and our building currently assigned a single IP address due to the way in which IP's have been allocated (randomly) until we ran out . SO yes it is a mess, my problem is that I have to do something with that IP we have so that we can run courses within the building (Java networking stuff) I can do pretty much what I like in the building as long as I don't affect the main network.  If I can show them a working system within the building I could then move on to getting them to take it on board for the whole college.

Anything you can suggest would be greatly appreciated The server I am using at the moment is RedHat 6.0.

Even if you only point me to some sites or books where I can read up about above it would be a help actual configuration info and software locations would be brilliant.


Stephen Smith

Expert Comment

ID: 2709627
What you need to research for is NAT - Network Address Translation. As JLevie points out, this would be a solution that would allow you to have a single IP address on the outside, and instead of having to use IPX/SPX inside, you'd use a block of Private IP addresses, such as: Mask (Class A) to Mask (Class B) to Mask (Class C)

Your device (usually some type of router, even if just Linux functioning as one) will convert between the internal IPs and the external one.

If you guys are small (about 30 or so machines) you can try a Internet Router by LinkSys (possibly others available, I don't know). It costs about US$200 and provides NAT and DHCP for your entire network. Plus, it's a four port 10/100 Switch.

Here's a good text on NAT.

Cisco's overview is also pretty good:

Here's a technical discussion on NAT, if you get curious:

Good luck,

LVL 40

Accepted Solution

jlevie earned 400 total points
ID: 2710365
Id suggest an upgrade to 6.1 or 6.2 (better) as I think you'll find that it'll work much better as an IPMasq box Which is what you need to funnel a private network into a single external IP. Technically, that's Network Port Address Translation or NPAT.

The subject, from a Linux perspective, is covered pretty well in the IP-Masquerade & IPCHAINS Howto's at It's not that hard to set up if you don't need a lot of security rules or special inbound services. NPAT in general is limited as to what can be done w/respect to inbound services as there's only the one external IP. Network Address Translation (NAT) using an external IP pool of address is a lot more flexible in that regard.

Author Comment

ID: 2711457
Thank you very much for your help you both have given me pointers as to where to go next.

Featured Post

Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question