Solved

TCP/IP Networking Question

Posted on 2000-04-12
5
182 Views
Last Modified: 2013-11-29
I work in a building that is currently connected to the internet via a router we are being told that we cannot have TCP/IP networking on our machines because our company has run out of IP addresses for our machines.  Our current solution to the problem is that we use an instant internet box which has IPX/SPX winsock client on one side and its own IP address on the internet side of the box.  Is there no simple solution that allows us to use any IP addresses on our clients and have a box/machine that acts as a gateway to the internet?  I have a linux server running so if there is a software solution that could be sat on the server (the server becoming the a gateway via two network cards)
0
Comment
Question by:Steves2001
  • 2
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2709029
To suggest the best solution I need to know how many "public" IP's could be allocated for the buildings use. If only one, then IPMasq/ipchains on a Linux box could be used to masquerade your entire building onto a single outside IP. If there is a block of IP's that could be used, ipfilter running on FreeBSD, OpenBSD or Solaris could be used for dynamic NAT.

Sounds like you organization needs to "re-design" their network and NAT everything using a private Class B or Class A.
0
 
LVL 1

Author Comment

by:Steves2001
ID: 2709423
The difficulty has been that we are a college in the UK who benefit from a link to a university who in turn links to JANET which inturn links to the internet.

Our main IP network is a subnet of the universities IP network and our building currently assigned a single IP address due to the way in which IP's have been allocated (randomly) until we ran out . SO yes it is a mess, my problem is that I have to do something with that IP we have so that we can run courses within the building (Java networking stuff) I can do pretty much what I like in the building as long as I don't affect the main network.  If I can show them a working system within the building I could then move on to getting them to take it on board for the whole college.

Anything you can suggest would be greatly appreciated The server I am using at the moment is RedHat 6.0.

Even if you only point me to some sites or books where I can read up about above it would be a help actual configuration info and software locations would be brilliant.

Thanks

Stephen Smith
0
 
LVL 3

Expert Comment

by:apadua
ID: 2709627
What you need to research for is NAT - Network Address Translation. As JLevie points out, this would be a solution that would allow you to have a single IP address on the outside, and instead of having to use IPX/SPX inside, you'd use a block of Private IP addresses, such as:

10.0.0.0 Mask 255.0.0.0 (Class A)
172.16.0.0 to 172.32.0.0 Mask 255.255.0.0 (Class B)
192.168.1.0 to 192.168.254.0 Mask 255.255.255.0 (Class C)

Your device (usually some type of router, even if just Linux functioning as one) will convert between the internal IPs and the external one.

If you guys are small (about 30 or so machines) you can try a Internet Router by LinkSys (possibly others available, I don't know). It costs about US$200 and provides NAT and DHCP for your entire network. Plus, it's a four port 10/100 Switch.


Here's a good text on NAT.

http://www.computerbits.com/archive/9708/lan9708.htm

Cisco's overview is also pretty good:

http://www.cisco.com/warp/public/701/60.html

Here's a technical discussion on NAT, if you get curious:

http://www.safety.net/nattech.html


Good luck,


André
0
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 2710365
Id suggest an upgrade to 6.1 or 6.2 (better) as I think you'll find that it'll work much better as an IPMasq box Which is what you need to funnel a private network into a single external IP. Technically, that's Network Port Address Translation or NPAT.

The subject, from a Linux perspective, is covered pretty well in the IP-Masquerade & IPCHAINS Howto's at http://howto.tucows.com/LDP/HOWTO/HOWTO-INDEX-3.html#ss3.1. It's not that hard to set up if you don't need a lot of security rules or special inbound services. NPAT in general is limited as to what can be done w/respect to inbound services as there's only the one external IP. Network Address Translation (NAT) using an external IP pool of address is a lot more flexible in that regard.
0
 
LVL 1

Author Comment

by:Steves2001
ID: 2711457
Thank you very much for your help you both have given me pointers as to where to go next.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now