On Tue, 27 May 2003, Dan Swartzendruber wrote:
> At 11:47 AM 5/27/2003 -0700, David Morris wrote:
> >Jon,
> >
> >If you have an ethernet behind the DSL modem and can attach 9 PCs to that
> >network, and they can each connect to the internet using static IP
> >addresses, then you have all the routing support you need.
> >
> >Pick one of your 9 addresses.
> >
> >Choose a subnet from the class C which includes that address as
> >neither the network (0) nor the broadcast (all 111s) address.
> >
> >Configure your PSN to be that subnet.
> >
> >Configure your server for that address and connect it.
> >
> >Set up your tunnel from the chosen address to the PSN.
> >
> >That should be sufficient. This unfortunately is theoretical since I
> >can't set up a configuration to mimic what I'm suggesting.
>
> This doesn't sound right. If the 9 IP addresses are on the DSL segment,
> how can he move a subnet of it to the PSN? The EXT interface still needs
> a valid IP in that range also (and it can't overlap with the subnet he is
> trying to use on the PSN.) Also, this will most likely run afoul of the
> subnet mask being wrong on the DSL provider's core router (e.g. it will
> probably think it can ARP for any of those 9 addresses, and unless the
> gnatbox is doing proxy arp, this will fail.)
The EXT interface shouldn't change its definition in my proposal.
Within its range of 9 contiguous addresses, pick a 4 address subnet
and assign that to the PSN interface.
Then define IP Pass Through for the one available address in that set.
I tried a bit of a mock up in GB Admin and have extracted the result
from the configuration report. xx.yy.zz.128/28 is my EXT interface.
The subnet I chose was: xx.yy.zz.140/30
I wasn't sure from my read of the online help whether I needed two
hosts/networks or 1 so I defined two as reciprocals of each other.
Then I defined a filter. (Re-reading, a 2nd filter is probably
required ... for the outbound direction.)
IP Pass Through can't work if the subnet on the PSN can't overlap the EXT
interface. Or I'm still missing a clue or two.
Here is the output (which had no GBAdmin reported errors):
GNAT Box Software Configuration Summary
--------------------------------------------------------------------------------
GNAT Box Version: 3.2.0                                  Tue 2003-05-27 14:57:54
--------------------------------------------------------------------------------
Basic Configuration
  DNS
    External name server: xx.yy.zz.131
    Internal name server: 10.1.2.49
    Domain: xpasc.com
  Features
    xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx - GB-Flash x.x - Registered (dongle required)
  Network Information
    LOGICAL INTERFACES
    Name                Type      IP Address      Netmask         NIC
    ------------------- --------- --------------- --------------- -----
    EXTERNAL            EXTERNAL  xx.yy.zz.140    255.255.255.240 dc3
    PROTECTED           PROTECTED 10.1.2.1        255.255.254.0   dc0
    PSN                 PSN       xx.yy.zz.141    255.255.255.252 dc1
    Default route (gateway): xx.yy.zz.129
    Hostname: GNAT-Box
IP Pass Through
  Hosts/Networks
    Index Object or Address Range          Interface          Options
    ----- -------------------------------- ------------------ ---------
    1     xx.yy.zz.140 xx.yy.zz.143        EXTERNAL           inbound
    2     xx.yy.zz.140 xx.yy.zz.143        PSN                outbound
  Filters
    1 #
      Accept "EXTERNAL" ALL
        from "ANY_IP"
        to xx.yy.zz.142/255.255.255.255
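
Added example, not part of the original thread and not GNAT Box code: the addressing constraints raised in the exchange above (PSN subnet carved from the EXT block, hosts that are neither the network nor the broadcast address, no EXT-side address inside the PSN subnet) written as a Python check and run over the interface values from the report. 192.0.2.x is a constructed stand-in for xx.yy.zz.x; check_psn_plan and the "moved" EXT address .130 are hypothetical.

```python
import ipaddress

def check_psn_plan(ext_if, psn_if, server, gateway):
    """Return a list of conflicts for a PSN subnet carved out of the EXT block."""
    ext = ipaddress.ip_interface(ext_if)
    psn = ipaddress.ip_interface(psn_if)
    srv = ipaddress.ip_address(server)
    gw = ipaddress.ip_address(gateway)
    problems = []
    # The PSN subnet must be a slice of the provider-routed EXT block.
    if not psn.network.subnet_of(ext.network):
        problems.append("PSN subnet is not inside the EXT block")
    # Hosts on the PSN may use neither the network nor the broadcast address.
    reserved = {psn.network.network_address: "network",
                psn.network.broadcast_address: "broadcast"}
    for label, addr in (("server", srv), ("PSN interface", psn.ip)):
        if addr not in psn.network:
            problems.append(f"{label} {addr} is outside the PSN subnet")
        elif addr in reserved:
            problems.append(f"{label} {addr} is the PSN {reserved[addr]} address")
    if srv == psn.ip:
        problems.append("server and PSN interface share one address")
    # Addresses that live on the EXT segment must stay out of the PSN slice.
    for label, addr in (("EXT interface", ext.ip), ("default gateway", gw)):
        if addr in psn.network:
            problems.append(f"{label} {addr} falls inside the PSN subnet")
    return problems

# Constructed sample: interface values from the report, with 192.0.2 for xx.yy.zz
REPORT = dict(ext_if="192.0.2.140/28", psn_if="192.0.2.141/30",
              server="192.0.2.142", gateway="192.0.2.129")
# Same plan with the EXT interface moved to a constructed address outside the /30
MOVED = dict(REPORT, ext_if="192.0.2.130/28")

if __name__ == "__main__":
    for name, plan in (("report", REPORT), ("moved", MOVED)):
        print(name, check_psn_plan(**plan) or "no conflicts")
```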