Using a linux router for public IPs

Hi,

I have a net connection which comes to me through LAN. I have got public IPs. The lan card is installed on Linux server for further distributing using NAT. The internal network of computers in my organisation are using private IPs.

I currently have 7 more public IPs left which I can use. My question is how can I add seven PCs in my network having public IPs through my Linux server, and also continue the NAT for the existing PCs with private IPs. Do I have to add another LAN card?

Also what will be better to use in my situation, Windows XP or Linux.

Thanx in advance
LVL 1
abhinaysinhaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JivkoCommented:
You can use SOURCE and DESTINATION NAT

1.Put all of the 8 public IPs to your external interface , for example eth0

ifconfig eth0 <first_public_ip> netmask 255.255.255.xxx
ifconfig eth0:1 <second_public_ip> netmask 255.255.255.xxx
ifconfig eth0:3 <third_public_ip> netmask 255.255.255.xxx
..........................................................................
...........................................................

Then :
iptables -t nat -I PREROUTING -d <first_public_ip> -j DNAT --to-destination <first_internal_ip>
iptables -t nat -I POSTROUTING -s <first_internal_ip> -j SNAT --to-source <first_public_ip>

.....

And so on
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
abhinaysinhaAuthor Commented:
OK. So that means the computers will be added to the internal interface, say eth1, and have private IPs. But will they work same as any computer directly connected to net with a public IP or they will have some limitations.
0
JivkoCommented:
There will be no limitations
If you want limitations you can do this by netfilter-iptables

Regards
0
abhinaysinhaAuthor Commented:
Can this be done in windows XP?

Secondly, I am comfortable with ipchains. My knowledge about iptables is nil. can this be converted to ipchains?
0
JivkoCommented:
This can NOT be done by windows XP.

Ipchains scenario- not so good - this is not a full NAT solution

http://www.ox.compsoc.org.uk/~steve/portfw-2.2.html

$EXTIF=eth0
$INTLAN=192.168.0./24
ipchains -A forward -i $EXTIF -s $INTLAN -j MASQ

#PORTFORWARDING
#echo "Enabling IPPORTFW Redirection on the external LAN.."
#
#   This will forward ALL port 80 traffic from the external IP address
#   to port 80 on the 192.168.0.10 machine
#
PORTFWIP="192.168.0.10"

/usr/sbin/ipmasqadm portfw -f
/usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 80 -R $PORTFWIP 80

Use iptables , ipchains and 2.2 kernels are obsolete



0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.