Re: [TCLUG:6820] CISCO 675 ASDL USWEST

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:6820] CISCO 675 ASDL USWEST
From: Tim Neu <tim@tneu.visi.com>
Date: Mon, 12 Jul 1999 21:31:21 +0000 (GMT)
In-Reply-To: <862567AC.0055CE84.00@amrhm1101.ac.com>


On Mon, 12 Jul 1999 wade.a.harding@ac.com wrote:

> True enough. But if you do that, how can you separate the internal network from
> the external? Would you rely on USWest not routing packets on a 192.168.x.x
> network, or set the router up to drop them?

Just set up your Linux box to only forward 192.168.x.x - anything US west
uses will be outside of that subnet and could not be routed (from what I
understand). 

Of course, if US west were to be compromised, the attacker could assign
you a dhcp address inside your subnet mask; and then access the rest of
your private network...   And, as you suggest; if US West had TERRIBLY
incorrect router configuration, you may have some vulnerability to other
US West customers (if 192.168 were routed by mistake)

  I believe you can also set up routing rules for each specific interface.
If your PC would be connected to the internet full time, it would be a
good idea to do your homework on this stuff...   It just seems to be a
waste of a good nic card... 

At one time I had my linux box set up to IP Masquerade through one IP
address to my work network; while having a second interface on the local
network.   It worked VERY well... 

> Tim Neu <tim@tneu.visi.com>
> 07/11/99 09:11 PM GMT
> Please respond to tclug-list@mn-linux.org
> 
> To:   tclug-list@mn-linux.org
> cc:    (bcc: Wade A. Harding)
> Subject:  Re: [TCLUG:6820] CISCO 675 ASDL USWEST
> 
> 
> 
> 
> You don't even need two nic's.   The kernel IP Aliasing feature is
> designed to allow your linux box to have two ip addresses - Just set up
> eth0 to your home network IP and eth0:0 to your DHCP assigned IP from US
> West. Then you can set up masquerading as usual...
> 
>  On Tue, 6 Jul 1999 wade.a.harding@ac.com wrote:
> 
> > I thought that USWest handed out as many DHCP IP's as you could suck up. (?)
> If
> > a "true" IP is not an issue, stick a linux box with 2 NIC's in and do
> > masquerade. It's what I did until I bought the Visi 6-pack of IP's.... Aah....
> a
> > six pack... :)
> >
> > -Wade
> >
> >
> > Bob Tanner <tanner@real-time.com>
> > 07/06/99 07:47 PM GMT
> > Please respond to tclug-list@mn-linux.org
> >
> > To:   tclug-list@mn-linux.org
> > cc:    (bcc: Wade A. Harding)
> > Subject:  Re: [TCLUG:6820] CISCO 675 ASDL USWEST
> >
> >
> >
> >
> > USWest still does bridging(?), and your computer is requesting a DHCP address
> > and you probably bought only 1 IP from them.
> >
> > Quoting noid (noid@bruce-lee.com):
> > > Hello
> > > I just installed a Cisco 675 router on a computer connected to a hub. I'm
> > > using ADSL from USWEST, who claims I can can have multiple computers
> > > running on a lan connected to the router, but won't support and
> > > troubleshooting beyond installation.
> > >
> > > My question is, why does the router only hand out 1 IP address.  The router
> > > is config'd for DHCP, but will hand out the same address <10.0.0.2> to any
> > > computer logging on to the network, which causes IP conflicts.
> > >
> > > Any help would be appreciated!!!
> > >
> > >
> > >
> > > _____________________________________________
> > > Free email with personality! Over 200 domains!
> > > http://www.MyOwnEmail.com
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > > For additional commands, e-mail: tclug-list-help@mn-linux.org
> >
> > --
> > Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
> > http://www.real-time.com                | Fax   : (612)943-8500
> > Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > For additional commands, e-mail: tclug-list-help@mn-linux.org
> >
> >
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > For additional commands, e-mail: tclug-list-help@mn-linux.org
> >
> >
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
> 
> 
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
> 
>

Follow-Ups:
- Re: [TCLUG:6820] CISCO 675 ASDL USWEST (Really RE: IP MASQ, IPCHAINSstuff)
  - From: Peter Lukas <peter@math.umn.edu>

References:
- Re: [TCLUG:6820] CISCO 675 ASDL USWEST
  - From: wade.a.harding@ac.com

Prev by Date: Re: [TCLUG:6936] RH 6.0 --> printer broke :-(
Next by Date: Help needed to set up an NTP server
Prev by thread: Re: [TCLUG:6820] CISCO 675 ASDL USWEST
Next by thread: Re: [TCLUG:6820] CISCO 675 ASDL USWEST (Really RE: IP MASQ, IPCHAINSstuff)
Index(es):
- Date
- Thread