Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Routing problem

Posted on 2001-07-03
Medium Priority
Last Modified: 2012-05-04
How to describe a network which is behind the router so it can be visible from the Internet. How to do it if my router is CISCO or Linux server?
Question by:CyberGod
  • 2
  • 2
LVL 40

Accepted Solution

jlevie earned 400 total points
ID: 6250538
That depends on what kind of network is behind the router. If you are talking about a network that uses private, non-routable IP's, then you must have some form of NAT (Network Address Translation) on the router. Exactly how that's done depends on how large your private network is and how many Internet addressible IP's you have. On the other hand, if your network that is behind the router uses Internet routable IP's, then it is simply a matter of configuring the router and hosts on the network correctly.

There are three general cases to consider. One is that you have an Internet accessible netblock that is as large or larger than your inside network. In that case you can use static NAT where each outside IP translates to a specific inside IP. The second case occurs when your outside netblock is smaller than your inside network, but large enough to provide visibility for those hosts that need to be visble from the Internet plus at least one more outside IP. In that case you set up static NAT translations for the inside hosts that must be Internet accessible and use NPAT (Network Port Address Translation... aka PAT, aka IPMasquerade) for the remainder of the inside network. Those machines can still access Internet sites, but they can't be accessed from the Internet. The last case is where you only have a single outside IP. There your only choice is to use NPAT. It is possible to port forward a specific service to an inside host, but you can't forward that particular service to multiple inside hosts. I.e., you can forward HTTP traffic (port 80/TCP) to one inside host and only one particular inside host.

If you would provide more details of your Internt connection, what kind of inside network you have, what needs to be visible to the Internet we can provide a more detailed response.

Author Comment

ID: 6275930
My connection behind the router is LAN with 132 computers. Is it posible if the local network is having a class C network addresses (192.16.8.X.X) to visible from the internet if the router is Linux with or without NAT enable?
LVL 40

Expert Comment

ID: 6279135
If the local network is using any of the private, non-routable, address ranges (like 192.168.n.n) then you have to use NAT in order to have any kind of Internet connectivity. IP's within the private address ranges will never be routed across the Internet so your local gateway must use some form of NAT to translated those IP's into one or more public, routable, IP addresses. That takes care of connections to Internet sites initiated from within the local network.

As I said above, making one of more hosts on the local (inside) network visible to the Internet can be done. How many hosts that can be made visible depends entirely on what kind of Internet service you have and how many public IP's you've been allocated.

So how many outside IP's do you have allocated to you by your service provider?

Author Comment

ID: 6279751
I have one full clas C network, and soon I'll have anather one.

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

572 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question