RE: network/ limited number of ips

2002-01-18 Thread Schmeits, Roger

> Way, way too much overkill. You certainly don't need 6 access points,
> especially at over a grand each for Cisco.

You're right, 3 is more than enough.  I was just throwing numbers out there
... it is early in the project, you know.

> them all a unique ESSID if you want precise control, patch each one into
> your physical network and use a single linux box to masquerade them to

The building is one block away from our main campus and it has no network
wiring in it.
I have to start from zero on the network side.  That's why I say wireless,
fairly easy to set up..

> the internet using a single public ip address and an access list of
> internal ip's that you assign. If it's an ip address not allowed to be
> masqueraded, then nobody can steal services from you. A good reason to
> stay away from DHCP and use fixed addressing.

With the Cisco 350 I can register the network cards by MAC address,
preventing anyone from stealing an IP address.

> 40 ip addresses should be a no brainer to administer.

I am terribly lazy...

Some of the students will be using laptops in this building and on the main
campus.
Roaming laptops.. I was hoping I could register the MAC (with the
Aironet) on the student housing building and the main campus.  We are a small
school so chances are I can get by with this..

Thanks for the input!
___
Linux-users mailing list
Archives, Digests, etc at http://linux.nf/mailman/listinfo/linux-users



RE: network/ limited number of ips

2002-01-18 Thread Schmeits, Roger



-Original Message-
From: David A. Bandel [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 18, 2002 8:39 AM
To: [EMAIL PROTECTED]
Subject: Re: network/ limited number of ips


On Fri, 18 Jan 2002 07:37:10 -0600
Schmeits, Roger [EMAIL PROTECTED] spewed into the
bitstream:

[snip]
 
> the internet using a single public ip address and an access list of
> internal ip's that you assign. If it's an ip address not allowed to be
> masqueraded, then nobody can steal services from you. A good reason
> to stay away from DHCP and use fixed addressing.
>
> With the cisco 350 I can register the network cards by MAC address.
> Preventing anyone from stealing a ip address.

I prevent this by using iptables and only accepting known MAC addresses. 
However, this will _not_ prevent someone from reconfiguring their MAC
address (i.e., doing a MAC address takeover) and breaking into your net,
but it does make it a little more difficult.  Combine that with WEP and
you should be OK against 99% of folks who want to try to break in.

 
 
> 40 ip addresses should be a no brainer to administer.
> I am terrible lazy...

no cure for this, but I'd suggest using bootp rather than dhcp or static
IPs.

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
-- Nemesis Racing Team motto
Internet (H323) phone: 206.28.187.30



Re: network/ limited number of ips

2002-01-18 Thread David A. Bandel

On Fri, 18 Jan 2002 10:32:02 -0600
Schmeits, Roger [EMAIL PROTECTED] spewed into the
bitstream:

[snip]

 
> Why bootp?

you assign a specific IP to a specific MAC.  Tradeoff between a static IP
and a completely dynamic one. You'll use dhcpd to do this, it just takes a
little more setup.

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
-- Nemesis Racing Team motto
Internet (H323) phone: 206.28.187.30
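
An added example (not part of the thread or any poster's own configuration) tying together the two suggestions above: dhcpd fixed-address entries and iptables rules that masquerade only registered MAC/IP pairs, both generated from one inventory. The interface names, addresses and MACs are constructed assumptions.

```shell
#!/bin/sh
# Constructed inventory, one "name MAC IP" line per registered card.
# The last two lines are deliberately bad: a malformed MAC and a reused MAC.
INVENTORY='room101 00:40:96:aa:bb:01 192.168.10.11
room102 00:40:96:AA:BB:02 192.168.10.12
laptop7 00:40:96:aa:bb:07 192.168.10.17
badcard 00:40:96:zz:bb:09 192.168.10.19
clone 00:40:96:aa:bb:01 192.168.10.20'

WAN_IF=eth0   # assumed interface holding the single public address
LAN_IF=eth1   # assumed interface facing the access points

# Emit "name mac ip" for well-formed entries only; MACs are lowercased and
# any line reusing an already-registered MAC or IP is dropped.
valid_entries() {
    printf '%s\n' "$1" | awk '
        { m = tolower($2) }
        length(m) != 17 || m !~ /^[0-9a-f][0-9a-f](:[0-9a-f][0-9a-f])+$/ { next }
        $3 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }
        mac[m]++ || ip[$3]++ { next }
        { print $1, m, $3 }'
}

# dhcpd.conf host declarations: each known MAC always gets the same address.
dhcpd_hosts() {
    valid_entries "$1" | while read -r name mac ip; do
        printf 'host %s { hardware ethernet %s; fixed-address %s; }\n' \
            "$name" "$mac" "$ip"
    done
}

# iptables commands (printed, not executed): forward and masquerade only
# traffic whose source IP and source MAC match a registered pair.
firewall_rules() {
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT"
    valid_entries "$1" | while read -r name mac ip; do
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $ip -m mac --mac-source $mac -j ACCEPT"
        echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $ip -j MASQUERADE"
    done
}

dhcpd_hosts "$INVENTORY"
firewall_rules "$INVENTORY"
```

If the subnet declaration in dhcpd.conf has no `range` statement, dhcpd answers only these host entries. The MAC match raises the bar but, as the thread notes, does not stop a card configured with a registered MAC.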



RE: network/ limited number of ips

2002-01-17 Thread GREWELL, AARON

The method I use to NAT from a private subnet to a public IP is to use an
LRP (Linux Router Project) derived boot disk.  The best place I know of to
get these is at http://leaf.sourceforge.net .  I don't know if they have
wireless support or not, though.  The one I use for my network is called
Oxygen, and it works very well.

-Original Message-
From: Schmeits, Roger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 17, 2002 11:45 AM
To: '[EMAIL PROTECTED]'
Subject: network/ limited number of ips


Got a question...
We have a student housing building that has about 40 students.  We have been
wanting to wire the building but the cost has always stopped us ($4).  I
have been playing with the idea of using 5 or 6 Cisco Aironet 350 access
points and having the students purchase a PCI wireless card for their machine.
For our Internet connection we are in the process of contacting Qwest for a
business line.  At this time I do not know the details for an Internet
connection.  Mainly how many IPs we would get, cost, bandwidth, etc.

Knowing all of that - How can a person set up a machine running Linux to act
as a NAT (???)/DHCP server when you have only been assigned anywhere from
one to six IP addresses?  How does one tackle such a situation?

Or better yet, which HOW-TOs do I read?

Roger

   



Re: network/ limited number of ips

2002-01-17 Thread Andrew Mathews

Schmeits, Roger wrote:
 
> Got a question...
> We have a student housing building that has about 40 students.  We have been
> wanting to wire the building but the cost has always stopped us ($4).  I
> have been playing with the idea of using 5 or 6 Cisco Aironet 350 access
> points and having the students purchase a PCI wireless card for their machine.
> For our Internet connection we are in the process of contacting Qwest for a
> business line.  At this time I do not know the details for an Internet
> connection.  Mainly how many IPs we would get, cost, bandwidth, etc.
>
> Knowing all of that - How can a person set up a machine running Linux to act
> as a NAT (???)/DHCP server when you have only been assigned anywhere from
> one to six IP addresses?  How does one tackle such a situation?
>
> Or better yet, which HOW-TOs do I read?
>
> Roger
 

Way, way too much overkill. You certainly don't need 6 access points,
especially at over a grand each for Cisco. Besides, an access point
opens your network up to anyone scanning for them. Alternative: Buy 6
Maxtech Mini-AP's which are simply external clients for p.c.'s, give
them all a unique ESSID if you want precise control, patch each one into
your physical network and use a single linux box to masquerade them to
the internet using a single public ip address and an access list of
internal ip's that you assign. If it's an ip address not allowed to be
masqueraded, then nobody can steal services from you. A good reason to
stay away from DHCP and use fixed addressing. 40 ip addresses should be
a no brainer to administer. 
-- 
Andrew Mathews

  1:37pm  up 5 days, 20:17,  4 users,  load average: 1.01, 1.02, 1.06

BOFH excuse #103:

operators on strike due to broken coffee machine



Re: network/ limited number of ips

2002-01-17 Thread Dave Anselmi

Schmeits, Roger wrote:

> Got a question...
> We have a student housing building that has about 40 students.  We have been
> wanting to wire the building but the cost has always stopped us ($4).  I
> have been playing with the idea of using 5 or 6 Cisco Aironet 350 access
> points and having the students purchase a PCI wireless card for their machine.
> For our Internet connection we are in the process of contacting Qwest for a
> business line.  At this time I do not know the details for an Internet
> connection.  Mainly how many IPs we would get, cost, bandwidth, etc.

I don't know much about wireless.  Certainly it's easier, but probably more
expensive and maybe less secure (at least you'd have to think about those
things).

It shouldn't be terribly hard to wire the building yourself, depending on how
it's built.  I'd be happy to offer advice about that.  I would think it would
only take a week or less, and less than $4000 in equipment.

As for Internet access, if you get DSL from Qwest that's probably the most cost
effective connection.  I don't know what type of bandwidth you'd need but even
going above 256/640k isn't too much.

If you do get DSL, the Cisco 678 you'll get will do NAT, DHCP, and packet
filtering (a little) for you.  You may still have use for a Linux
router/firewall box, but you probably don't need static IP addresses.  The one
dynamic one that comes with basic service will probably do.  If you want to run
servers, that's a different story, but just to get students on the net you don't
need your own block of IPs.

I don't see any reason to run your own servers.  There are plenty of free email
services where students can get accounts (maybe even from the school).  If you
let the DSL modem do DHCP, you won't have to worry about DNS and such too much.

Admittedly I've never done this on this scale, so there may be problems I don't
foresee.  But I have done some shoestring installs like this before.

Dave

