Solved

TCP/IP Networking Question

Posted on 2000-04-12
5
181 Views
Last Modified: 2013-11-29
I work in a building that is currently connected to the internet via a router we are being told that we cannot have TCP/IP networking on our machines because our company has run out of IP addresses for our machines.  Our current solution to the problem is that we use an instant internet box which has IPX/SPX winsock client on one side and its own IP address on the internet side of the box.  Is there no simple solution that allows us to use any IP addresses on our clients and have a box/machine that acts as a gateway to the internet?  I have a linux server running so if there is a software solution that could be sat on the server (the server becoming the a gateway via two network cards)
0
Comment
Question by:Steves2001
  • 2
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
To suggest the best solution I need to know how many "public" IP's could be allocated for the buildings use. If only one, then IPMasq/ipchains on a Linux box could be used to masquerade your entire building onto a single outside IP. If there is a block of IP's that could be used, ipfilter running on FreeBSD, OpenBSD or Solaris could be used for dynamic NAT.

Sounds like you organization needs to "re-design" their network and NAT everything using a private Class B or Class A.
0
 
LVL 1

Author Comment

by:Steves2001
Comment Utility
The difficulty has been that we are a college in the UK who benefit from a link to a university who in turn links to JANET which inturn links to the internet.

Our main IP network is a subnet of the universities IP network and our building currently assigned a single IP address due to the way in which IP's have been allocated (randomly) until we ran out . SO yes it is a mess, my problem is that I have to do something with that IP we have so that we can run courses within the building (Java networking stuff) I can do pretty much what I like in the building as long as I don't affect the main network.  If I can show them a working system within the building I could then move on to getting them to take it on board for the whole college.

Anything you can suggest would be greatly appreciated The server I am using at the moment is RedHat 6.0.

Even if you only point me to some sites or books where I can read up about above it would be a help actual configuration info and software locations would be brilliant.

Thanks

Stephen Smith
0
 
LVL 3

Expert Comment

by:apadua
Comment Utility
What you need to research for is NAT - Network Address Translation. As JLevie points out, this would be a solution that would allow you to have a single IP address on the outside, and instead of having to use IPX/SPX inside, you'd use a block of Private IP addresses, such as:

10.0.0.0 Mask 255.0.0.0 (Class A)
172.16.0.0 to 172.32.0.0 Mask 255.255.0.0 (Class B)
192.168.1.0 to 192.168.254.0 Mask 255.255.255.0 (Class C)

Your device (usually some type of router, even if just Linux functioning as one) will convert between the internal IPs and the external one.

If you guys are small (about 30 or so machines) you can try a Internet Router by LinkSys (possibly others available, I don't know). It costs about US$200 and provides NAT and DHCP for your entire network. Plus, it's a four port 10/100 Switch.


Here's a good text on NAT.

http://www.computerbits.com/archive/9708/lan9708.htm

Cisco's overview is also pretty good:

http://www.cisco.com/warp/public/701/60.html

Here's a technical discussion on NAT, if you get curious:

http://www.safety.net/nattech.html


Good luck,


André
0
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
Comment Utility
Id suggest an upgrade to 6.1 or 6.2 (better) as I think you'll find that it'll work much better as an IPMasq box Which is what you need to funnel a private network into a single external IP. Technically, that's Network Port Address Translation or NPAT.

The subject, from a Linux perspective, is covered pretty well in the IP-Masquerade & IPCHAINS Howto's at http://howto.tucows.com/LDP/HOWTO/HOWTO-INDEX-3.html#ss3.1. It's not that hard to set up if you don't need a lot of security rules or special inbound services. NPAT in general is limited as to what can be done w/respect to inbound services as there's only the one external IP. Network Address Translation (NAT) using an external IP pool of address is a lot more flexible in that regard.
0
 
LVL 1

Author Comment

by:Steves2001
Comment Utility
Thank you very much for your help you both have given me pointers as to where to go next.
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

There was an incident about the POP3 issue for the double read receipts and delivery receipts in Exchange 2013.  There was huge research been done and found solution for the duplicate mails. Especially when the user gets  duplicate mails.
Let’s list some of the technologies that enable smooth teleworking. 
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now