Stephen Dolloff (sysadmin@mc.net) Kevin Smith wrote: > > At 09:18 PM 11/12/97 -0600, Luke Parrish wrote: > >It may be easier if you explain to him why the ip's will be be able to be > >hit from the outside world... > > >From the outside world all of your machine will look like they have the > same address - that assigned by the NAS (dynamic or static - either way). > > >First of all i am not an expert on this, but this is my understanding. > > > >NAT will use local addressing, meaning that "my address" will be set to > >200.200.200.200/24 on the pipeline. > > The my-address is local and ONLY relevant to the machines behind it. This > address is NEVER used on the WAN side and the rest of the world knows > nothing about it. The assigned address is mapped by the Pipeline to all > of the local addresses via a mapping that consists of IP/port combinations. > > >This would allow you to dial up to > >your ISP and receive a dynamic ip. Then the ip address that your > >web/http/ftp servers will be on, would be 200.200.200.201 .202 .203 etc. > > No, they would all *LOOK LIKE* they are on the address that is "assigned" to > you at connection time. > > >With a mask of 255.255.255.0. > > Not really, but.... > > > What would be ideal is if your ISP could > >provide you with say a /27 block of address's and then you could have > >"real" address's for each box on your network. But there will be additional > >costs to this, so i am sure that is why you are doing NAT. > > >Just dont let > >your ISP know that you are doing it, they tend to get unhappy when they > >find their dialup ISDN customers with machines behind their single > >connection. I work for an ISP and we get mad, so just thought i would let > >you know :) > > Interesting.....you'd rather burn IP addresses then.... > > >What you could do is direct internet traffic by your one real ip address. > >Like all FTP traffic to port 21, and then specify a local address to route > >all port 21 traffic to, this is done with static mappings. > > Yes...this is it...maybe I misunderstood wat you were suggesting above. > > >But the reason that these address's are not able to be reached from the > >outside is that these are "local address's". > > But you don't care about that. To the outside world they are all on the > same "assigned" address. > > >Which means they are being > >used all over the world by many networks as local address's. So lets say i > >did a trace to 200.200.200.201, it will go no where, cause it knows that it > >is assigned for local addressing. > > The outside world knows nothing about your local/private addressing scheme. > > >And when you say that it sounds doable, i have found that if you sit down > >and actually read through one of the manuals they send out, and a .pdf on > >the 5.1A code, (took me a while to figure the whole manual thing out), then > >you can do almost everything with these little bad boys. > > Ah, so we do agree.... > > It is pretty clear from the 5.1A release notes that this can be done.... > > >At 06:26 PM 11/12/97 -0500, you wrote: > >>>Yes you can run them, but users from the outside world will not be able to > >>>hit them. > >> > >> > >>That's too bad. > >> > >>>I totally dont understand what you mean by "The DNS effectively becomes > >>>the router", as they are two TOTALLY different things, doing two TOTALLY > >>>different functions, but your overall answer is NO. Go buy a Motorola > >>>BitSucker Pro for $150, and save some cash. > >> > >>Oops. Sorry for my misuse of the terms. What I mean to say is that with a TA > >>as a NIC sitting in the same machine as the DNS, one can effectively turn > >>the Server into routing the LAN. Then with multi-homing on a single IP, I > >>can > >>run other servers on the subnet. > >> > >>But I don't like this solution because it means dedicating one machine for > >>the task > >>and using the software to solve it instead of letting the hardware > >>(pipeline) handling this. > >> > >>I am still hopeing a solution is available. Maybe something like setting the > >>default > >>route to a specific machine. That is, if an unsolicted packet is sent to the > >>pipeline 75, > >>it will automatically (by default through some sort of configuration on p75) > >>be routed to a specific machine. It should be doable, at least conceptually. > >> > >>Thanks. > >> > >>Edwin > >> > >> > >> > >>> > >>>Scott R. Chrestman > >>>System Administrator > >>>Netropolis Communications Corp. > >>>src@netropolis.net > >>> > >>> > >> > >>++ Ascend Users Mailing List ++ > >>To unsubscribe: send unsubscribe to ascend-users-request@bungi.com > >>To get FAQ'd: <<A HREF="http://www.nealis.net/ascend/faq">http://www.nealis.net/ascend/faq</A>> > >> > >> > > > > > >* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * > >* Luke Parrish * Email lparrish@iamerica.net * > >* LDS-iAmerica, ISP * Email luke@ciscokid.iamerica.net * > >* Network Engineer * Phone 1-800-789-6062 x3010 * > >* AS 4958 * <A HREF="http://cust.iamerica.net/lparrish">http://cust.iamerica.net/lparrish</A> * > >* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * > >* The Internet is our friend. * > >* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * > > > >++ Ascend Users Mailing List ++ > >To unsubscribe: send unsubscribe to ascend-users-request@bungi.com > >To get FAQ'd: <<A HREF="http://www.nealis.net/ascend/faq">http://www.nealis.net/ascend/faq</A>> > > > > Kevin > > ++ Ascend Users Mailing List ++ > To unsubscribe: send unsubscribe to ascend-users-request@bungi.com > To get FAQ'd: <<A HREF="http://www.nealis.net/ascend/faq">http://www.nealis.net/ascend/faq</A>> ++ Ascend Users Mailing List ++ To unsubscribe: send unsubscribe to ascend-users-request@bungi.com To get FAQ'd: <<A HREF="http://www.nealis.net/ascend/faq">http://www.nealis.net/ascend/faq</A>> </PRE> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!--X-Follow-Ups-End--> <!--X-References--> <HR> <STRONG>References</STRONG>: <UL> <LI><STRONG><A HREF="msg10668.html">Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?</A></STRONG></LI> <UL> <LI><EM>From</EM>: "Edwin Yeh" <ery2@po.cwru.edu></LI> </UL> <LI><STRONG><A HREF="msg10721.html">Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?</A></STRONG></LI> <UL> <LI><EM>From</EM>: Kevin Smith <kevin@ascend.com></LI> </UL> </UL> <!--X-References-End--> <!--X-BotPNI--> <HR> <UL> <LI>Prev by Date: <STRONG><A HREF="msg10769.html">Re: (ASCEND) Patch: radiusd uses db library</A></STRONG> </LI> <LI>Next by Date: <STRONG><A HREF="msg10768.html">Re: (ASCEND) MAX 4000 Performance Questions</A></STRONG> </LI> <LI>Prev by thread: <STRONG><A HREF="msg10724.html">Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?</A></STRONG> </LI> <LI>Next by thread: <STRONG><A HREF="msg10704.html">Re: (ASCEND) Q. Can you run servers behind Pipeline (running NAT)?</A></STRONG> </LI> <LI>Index(es): <UL> <LI><A HREF="maillist.html#10767"><STRONG>Main</STRONG></A></LI> <LI><A HREF="thrd240.html#10767"><STRONG>Thread</STRONG></A></LI> </UL> </LI> </UL> <!--X-BotPNI-End--> <!--X-User-Footer--> <!--X-User-Footer-End--> </BODY> </HTML>