Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?
It may be easier if you explain to him why the ip's will be be able to be
hit from the outside world...
First of all i am not an expert on this, but this is my understanding.
NAT will use local addressing, meaning that "my address" will be set to
200.200.200.200/24 on the pipeline. This would allow you to dial up to
your ISP and receive a dynamic ip. Then the ip address that your
web/http/ftp servers will be on, would be 200.200.200.201 .202 .203 etc.
With a mask of 255.255.255.0. What would be ideal is if your ISP could
provide you with say a /27 block of address's and then you could have
"real" address's for each box on your network. But there will be additional
costs to this, so i am sure that is why you are doing NAT. Just dont let
your ISP know that you are doing it, they tend to get unhappy when they
find their dialup ISDN customers with machines behind their single
connection. I work for an ISP and we get mad, so just thought i would let
you know :)
What you could do is direct internet traffic by your one real ip address.
Like all FTP traffic to port 21, and then specify a local address to route
all port 21 traffic to, this is done with static mappings.
But the reason that these address's are not able to be reached from the
outside is that these are "local address's". Which means they are being
used all over the world by many networks as local address's. So lets say i
did a trace to 200.200.200.201, it will go no where, cause it knows that it
is assigned for local addressing.
And when you say that it sounds doable, i have found that if you sit down
and actually read through one of the manuals they send out, and a .pdf on
the 5.1A code, (took me a while to figure the whole manual thing out), then
you can do almost everything with these little bad boys.
At 06:26 PM 11/12/97 -0500, you wrote:
>>Yes you can run them, but users from the outside world will not be able to
>>hit them.
>
>
>That's too bad.
>
>>I totally dont understand what you mean by "The DNS effectively becomes
>>the router", as they are two TOTALLY different things, doing two TOTALLY
>>different functions, but your overall answer is NO. Go buy a Motorola
>>BitSucker Pro for $150, and save some cash.
>
>Oops. Sorry for my misuse of the terms. What I mean to say is that with a TA
>as a NIC sitting in the same machine as the DNS, one can effectively turn
>the Server into routing the LAN. Then with multi-homing on a single IP, I
>can
>run other servers on the subnet.
>
>But I don't like this solution because it means dedicating one machine for
>the task
>and using the software to solve it instead of letting the hardware
>(pipeline) handling this.
>
>I am still hopeing a solution is available. Maybe something like setting the
>default
>route to a specific machine. That is, if an unsolicted packet is sent to the
>pipeline 75,
>it will automatically (by default through some sort of configuration on p75)
>be routed to a specific machine. It should be doable, at least conceptually.
>
>Thanks.
>
>Edwin
>
>
>
>>
>>Scott R. Chrestman
>>System Administrator
>>Netropolis Communications Corp.
>>src@netropolis.net
>>
>>
>
>++ Ascend Users Mailing List ++
>To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
>To get FAQ'd: <http://www.nealis.net/ascend/faq>
>
>
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* Luke Parrish * Email lparrish@iamerica.net *
* LDS-iAmerica, ISP * Email luke@ciscokid.iamerica.net *
* Network Engineer * Phone 1-800-789-6062 x3010 *
* AS 4958 * http://cust.iamerica.net/lparrish *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* The Internet is our friend. *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups:
References: