Routing problem

Posted on 2001-07-03
Last Modified: 2012-05-04
How to describe a network which is behind the router so it can be visible from the Internet. How to do it if my router is CISCO or Linux server?
Question by:CyberGod
  • 2
  • 2
LVL 40

Accepted Solution

jlevie earned 200 total points
ID: 6250538
That depends on what kind of network is behind the router. If you are talking about a network that uses private, non-routable IP's, then you must have some form of NAT (Network Address Translation) on the router. Exactly how that's done depends on how large your private network is and how many Internet addressible IP's you have. On the other hand, if your network that is behind the router uses Internet routable IP's, then it is simply a matter of configuring the router and hosts on the network correctly.

There are three general cases to consider. One is that you have an Internet accessible netblock that is as large or larger than your inside network. In that case you can use static NAT where each outside IP translates to a specific inside IP. The second case occurs when your outside netblock is smaller than your inside network, but large enough to provide visibility for those hosts that need to be visble from the Internet plus at least one more outside IP. In that case you set up static NAT translations for the inside hosts that must be Internet accessible and use NPAT (Network Port Address Translation... aka PAT, aka IPMasquerade) for the remainder of the inside network. Those machines can still access Internet sites, but they can't be accessed from the Internet. The last case is where you only have a single outside IP. There your only choice is to use NPAT. It is possible to port forward a specific service to an inside host, but you can't forward that particular service to multiple inside hosts. I.e., you can forward HTTP traffic (port 80/TCP) to one inside host and only one particular inside host.

If you would provide more details of your Internt connection, what kind of inside network you have, what needs to be visible to the Internet we can provide a more detailed response.

Author Comment

ID: 6275930
My connection behind the router is LAN with 132 computers. Is it posible if the local network is having a class C network addresses (192.16.8.X.X) to visible from the internet if the router is Linux with or without NAT enable?
LVL 40

Expert Comment

ID: 6279135
If the local network is using any of the private, non-routable, address ranges (like 192.168.n.n) then you have to use NAT in order to have any kind of Internet connectivity. IP's within the private address ranges will never be routed across the Internet so your local gateway must use some form of NAT to translated those IP's into one or more public, routable, IP addresses. That takes care of connections to Internet sites initiated from within the local network.

As I said above, making one of more hosts on the local (inside) network visible to the Internet can be done. How many hosts that can be made visible depends entirely on what kind of Internet service you have and how many public IP's you've been allocated.

So how many outside IP's do you have allocated to you by your service provider?

Author Comment

ID: 6279751
I have one full clas C network, and soon I'll have anather one.

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Lame BIND 9.3 10 69
php54-php-imap for redhat enterprise linux 7.2 1 93
IPA complaining about DNS but DNS looks good.... 2 133
is my large folder zipped corrupted 4 77
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question