[gentoo-user] Different servers behind the same router

[gentoo-user] Different servers behind the same router

[Momesso Andrea]

[-- Attachment #1: Type: text/plain, Size: 852 bytes --]

I have a home server running gentoo for personal use (irc, home
entertainment, file server etc.).

It is reachable from the internet using a dyamic dns service
(dyndns.org).

I also have another machine (running gentoo too) that I use as a web
server. This machine uses dyndns.org, with a different name.

Both machines connect to my modem/router via pppoe so they get 2
different IPs.

This modem can also be configured to be used as a router so it connects
directly to the internet and shares the same IP between the clients.

What happens if I decide to switch to the "router" configuration? If I
have a single IP for all the machines in the LAN, when someone from the
outside will try to connect to homeserver.foo or to webserver.bar, will
they be routed to the correct machine?

Are there other setups I should look into?

=======
TopperH
=======

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-user] Different servers behind the same router

[Stroller]

On 3 Feb 2009, at 17:43, Momesso Andrea wrote:
> ...
> What happens if I decide to switch to the "router" configuration? If I
> have a single IP for all the machines in the LAN, when someone from  
> the
> outside will try to connect to homeserver.foo or to webserver.bar,  
> will
> they be routed to the correct machine?

No, they will all reach the router's IP address. It will have an  
option for "port forwarding" so that you can forward port 80 to the  
webserver and ports 25 & 110 to the mail server. If you have two  
webservers behind the router then you need to use one to proxy forward  
to the other.

"NAT" is another Google keyword.

Stroller.

Re: [gentoo-user] Different servers behind the same router

[Momesso Andrea]

[-- Attachment #1: Type: text/plain, Size: 882 bytes --]

On Tue, Feb 03, 2009 at 05:52:13PM +0000, Stroller wrote:
>
> On 3 Feb 2009, at 17:43, Momesso Andrea wrote:
>> ...
>> What happens if I decide to switch to the "router" configuration? If I
>> have a single IP for all the machines in the LAN, when someone from the
>> outside will try to connect to homeserver.foo or to webserver.bar, will
>> they be routed to the correct machine?
>
> No, they will all reach the router's IP address. It will have an option for 
> "port forwarding" so that you can forward port 80 to the webserver and 
> ports 25 & 110 to the mail server. If you have two webservers behind the 
> router then you need to use one to proxy forward to the other.
>
> "NAT" is another Google keyword.
>
> Stroller.

Is it correct to say that the configuration I alredy have (pppoe and different IPs) is the best choice?

=======
TopperH
=======

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-user] Different servers behind the same router

[Saphirus Sage]

On Feb 3, 2009, at 12:43 PM, Momesso Andrea <momesso.andrea@gmail.com>  
wrote:

> I have a home server running gentoo for personal use (irc, home
> entertainment, file server etc.).
>
> It is reachable from the internet using a dyamic dns service
> (dyndns.org).
>
> I also have another machine (running gentoo too) that I use as a web
> server. This machine uses dyndns.org, with a different name.
>
> Both machines connect to my modem/router via pppoe so they get 2
> different IPs.
>
> This modem can also be configured to be used as a router so it  
> connects
> directly to the internet and shares the same IP between the clients.
>
> What happens if I decide to switch to the "router" configuration? If I
> have a single IP for all the machines in the LAN, when someone from  
> the
> outside will try to connect to homeserver.foo or to webserver.bar,  
> will
> they be routed to the correct machine?
>
> Are there other setups I should look into?
>
> =======
> TopperH
> =======
Configure your router for static IP assignment on the LAN and look at  
your router's manual for information about "port forwarding." Simply  
forward the required port from the WAN to the associated LAN IP and  
port number. 

Re: [gentoo-user] Different servers behind the same router

[Momesso Andrea]

[-- Attachment #1: Type: text/plain, Size: 1538 bytes --]

On Tue, Feb 03, 2009 at 01:47:00PM -0500, Saphirus Sage wrote:
>
>
> On Feb 3, 2009, at 12:43 PM, Momesso Andrea <momesso.andrea@gmail.com> 
> wrote:
>
>> I have a home server running gentoo for personal use (irc, home
>> entertainment, file server etc.).
>>
>> It is reachable from the internet using a dyamic dns service
>> (dyndns.org).
>>
>> I also have another machine (running gentoo too) that I use as a web
>> server. This machine uses dyndns.org, with a different name.
>>
>> Both machines connect to my modem/router via pppoe so they get 2
>> different IPs.
>>
>> This modem can also be configured to be used as a router so it connects
>> directly to the internet and shares the same IP between the clients.
>>
>> What happens if I decide to switch to the "router" configuration? If I
>> have a single IP for all the machines in the LAN, when someone from the
>> outside will try to connect to homeserver.foo or to webserver.bar, will
>> they be routed to the correct machine?
>>
>> Are there other setups I should look into?
>>
>> =======
>> TopperH
>> =======
> Configure your router for static IP assignment on the LAN and look at your 
> router's manual for information about "port forwarding." Simply forward the 
> required port from the WAN to the associated LAN IP and port number.

Does it mean that I will need to have one single dyndns name and the
connection will be forwarded depending on the port, or I will still be
able to have different names?

=======
TopperH
=======

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-user] Different servers behind the same router

[Neil Bothwick]

[-- Attachment #1: Type: text/plain, Size: 489 bytes --]

On Tue, 3 Feb 2009 17:52:13 +0000, Stroller wrote:

> No, they will all reach the router's IP address. It will have an  
> option for "port forwarding" so that you can forward port 80 to the  
> webserver and ports 25 & 110 to the mail server. If you have two  
> webservers behind the router then you need to use one to proxy forward  
> to the other.

Or run them on different ports.


-- 
Neil Bothwick

Newspaper Ad: Dog for sale: eats anything and is fond of children.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

[gentoo-user] Re: Different servers behind the same router

[Nikos Chantziaras]

Momesso Andrea wrote:
> On Tue, Feb 03, 2009 at 05:52:13PM +0000, Stroller wrote:
>> On 3 Feb 2009, at 17:43, Momesso Andrea wrote:
>>> ...
>>> What happens if I decide to switch to the "router" configuration? If I
>>> have a single IP for all the machines in the LAN, when someone from the
>>> outside will try to connect to homeserver.foo or to webserver.bar, will
>>> they be routed to the correct machine?
>> No, they will all reach the router's IP address. It will have an option for 
>> "port forwarding" so that you can forward port 80 to the webserver and 
>> ports 25 & 110 to the mail server. If you have two webservers behind the 
>> router then you need to use one to proxy forward to the other.
>>
>> "NAT" is another Google keyword.
>>
>> Stroller.
> 
> Is it correct to say that the configuration I alredy have (pppoe and different IPs) is the best choice?

Since your ISP offers you the option to have two different IP, yes that 
the best choice.  Over here I would have to pay quite some money to get 
an extra IP.  So you're lucky I guess.

Also, if your ISP allows PPPoA too instead of only PPPoE, use that 
instead.  It's a bit more optimal due to less overhead.  But it's not 
critical or something.  Just a little and safe optimization.

Re: [gentoo-user] Re: Different servers behind the same router

[Mike Kazantsev]

[-- Attachment #1: Type: text/plain, Size: 862 bytes --]

On Wed, 04 Feb 2009 01:36:55 +0200
Nikos Chantziaras <realnc@arcor.de> wrote:

> Since your ISP offers you the option to have two different IP, yes that 
> the best choice.  Over here I would have to pay quite some money to get 
> an extra IP.  So you're lucky I guess.

There is plenty of address space on IPv6. One can set up a tunnel, if
ISP doesn't provide it yet.
After that, it's as simple as enabling forwarding in kernel and opening
a FORWARD chain, and you can have 64+ bits of real addresses behind it,
no translation or port forwarding.

And teredo (in form of miredo daemon) offers ability to access IPv6
from anywhere (like public hotspots) w/o setting up any tunneling.

Of course, it's not much use for public server, but certainly useful
for ssh (among over things) to networks behind nat.

-- 
Mike Kazantsev // fraggod.net

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

[gentoo-user] Re: Different servers behind the same router

[Nikos Chantziaras]

Mike Kazantsev wrote:
> On Wed, 04 Feb 2009 01:36:55 +0200
> Nikos Chantziaras <realnc@arcor.de> wrote:
> 
>> Since your ISP offers you the option to have two different IP, yes that 
>> the best choice.  Over here I would have to pay quite some money to get 
>> an extra IP.  So you're lucky I guess.
> 
> There is plenty of address space on IPv6. One can set up a tunnel, if
> ISP doesn't provide it yet.
> After that, it's as simple as enabling forwarding in kernel and opening
> a FORWARD chain, and you can have 64+ bits of real addresses behind it,
> no translation or port forwarding.
> 
> And teredo (in form of miredo daemon) offers ability to access IPv6
> from anywhere (like public hotspots) w/o setting up any tunneling.
> 
> Of course, it's not much use for public server, but certainly useful
> for ssh (among over things) to networks behind nat.

I can't say I understood what you said, but the majority of ISPs give 
clients v4 IPs?  Mine for example right now (it's dynamic) is 
79.123.149.101.  That's the only way to reach me from WAN.

Re: [gentoo-user] Re: Different servers behind the same router

[Mike Kazantsev]

[-- Attachment #1: Type: text/plain, Size: 1157 bytes --]

On Wed, 04 Feb 2009 03:21:17 +0200
Nikos Chantziaras <realnc@arcor.de> wrote:

> > There is plenty of address space on IPv6. One can set up a tunnel, if
> > ISP doesn't provide it yet.
> > After that, it's as simple as enabling forwarding in kernel and opening
> > a FORWARD chain, and you can have 64+ bits of real addresses behind it,
> > no translation or port forwarding.
> > 
> > And teredo (in form of miredo daemon) offers ability to access IPv6
> > from anywhere (like public hotspots) w/o setting up any tunneling.
> > 
> > Of course, it's not much use for public server, but certainly useful
> > for ssh (among over things) to networks behind nat.
> 
> I can't say I understood what you said, but the majority of ISPs give 
> clients v4 IPs?  Mine for example right now (it's dynamic) is 
> 79.123.149.101.  That's the only way to reach me from WAN.

Not quite what I've meant, but just to illustrate a point...

emerge miredo (I think it's ebuild is still in bugzilla)
/etc/init.d/miredo start

And there you go, now you can access this machine by IPv6 address on
teredo interface.

-- 
Mike Kazantsev // fraggod.net

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

[gentoo-user] Re: Different servers behind the same router

[Nikos Chantziaras]

Mike Kazantsev wrote:
> On Wed, 04 Feb 2009 03:21:17 +0200
> Nikos Chantziaras <realnc@arcor.de> wrote:
>> I can't say I understood what you said, but the majority of ISPs give 
>> clients v4 IPs?  Mine for example right now (it's dynamic) is 
>> 79.123.149.101.  That's the only way to reach me from WAN.
> 
> Not quite what I've meant, but just to illustrate a point...
> 
> emerge miredo (I think it's ebuild is still in bugzilla)
> /etc/init.d/miredo start
> 
> And there you go, now you can access this machine by IPv6 address on
> teredo interface.

Thanks for the info.  I've looked it up on Wikipedia for the details.  I 
guess the catch here though is that I'm unreachable by people with no 
IPv6 on their operating system?

Re: [gentoo-user] Different servers behind the same router

[Stroller]

On 3 Feb 2009, at 18:35, Momesso Andrea wrote:
> On Tue, Feb 03, 2009 at 05:52:13PM +0000, Stroller wrote:
>>
>> On 3 Feb 2009, at 17:43, Momesso Andrea wrote:
>>> ...
>>> What happens if I decide to switch to the "router" configuration?  
>>> If I
>>> have a single IP for all the machines in the LAN, when someone  
>>> from the
>>> outside will try to connect to homeserver.foo or to webserver.bar,  
>>> will
>>> they be routed to the correct machine?
>> ...
> Is it correct to say that the configuration I alredy have (pppoe and  
> different IPs) is the best choice?

I think so, yes.

Stroller.

Re: [gentoo-user] Re: Different servers behind the same router

[Momesso Andrea]

[-- Attachment #1: Type: text/plain, Size: 1894 bytes --]

On Wed, Feb 04, 2009 at 01:36:55AM +0200, Nikos Chantziaras wrote:
> Momesso Andrea wrote:
>> On Tue, Feb 03, 2009 at 05:52:13PM +0000, Stroller wrote:
>>> On 3 Feb 2009, at 17:43, Momesso Andrea wrote:
>>>> ...
>>>> What happens if I decide to switch to the "router" configuration? If I
>>>> have a single IP for all the machines in the LAN, when someone from the
>>>> outside will try to connect to homeserver.foo or to webserver.bar, will
>>>> they be routed to the correct machine?
>>> No, they will all reach the router's IP address. It will have an option 
>>> for "port forwarding" so that you can forward port 80 to the webserver 
>>> and ports 25 & 110 to the mail server. If you have two webservers behind 
>>> the router then you need to use one to proxy forward to the other.
>>>
>>> "NAT" is another Google keyword.
>>>
>>> Stroller.
>> Is it correct to say that the configuration I alredy have (pppoe and 
>> different IPs) is the best choice?
>
> Since your ISP offers you the option to have two different IP, yes that the 
> best choice.  Over here I would have to pay quite some money to get an 
> extra IP.  So you're lucky I guess.
>
> Also, if your ISP allows PPPoA too instead of only PPPoE, use that instead. 
>  It's a bit more optimal due to less overhead.  But it's not critical or 
> something.  Just a little and safe optimization.
>

Looks like my ISP allows both PPPoE and PPPoA. 
After some superficial googling it looks like PPPoE is preferred over
ethernet modems and PPPoA over USB ones... Is it true?

By the way what I need to do is to enable CONFIG_ATM and
CONFIG_PPPOATM in the kernel and reemerge ppp with the "atm" USE flag.

Then I need to change " plugins_ppp1=( "pppoe") " into " plugins_ppp1=( 
"pppoa vc-encaps") " in my /etc/conf.d/net.

Is that all I need to have PPPoA working?

=======
TopperH
=======

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

[gentoo-user] Re: Different servers behind the same router

[Nikos Chantziaras]

Momesso Andrea wrote:
> Looks like my ISP allows both PPPoE and PPPoA. 
> After some superficial googling it looks like PPPoE is preferred over
> ethernet modems and PPPoA over USB ones... Is it true?

Nope.  PPPoA is preferred generally, although not strongly so.  The 
difference should be very minor, but if it's for free, why not use it?


> By the way what I need to do is to enable CONFIG_ATM and
> CONFIG_PPPOATM in the kernel and reemerge ppp with the "atm" USE flag.
> 
> Then I need to change " plugins_ppp1=( "pppoe") " into " plugins_ppp1=( 
> "pppoa vc-encaps") " in my /etc/conf.d/net.
> 
> Is that all I need to have PPPoA working?

Not sure, since I'm on a DSL NAT router/modem that connects to my ISP 
with PPPoA and to the PC with ethernet.  But you can just try and see.