[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dual IP

To: mpradhan@healthnet.org.np
Subject: Re: dual IP
From: Brian Candler <B.Candler@pobox.com>
Date: Sat, 19 May 2001 18:27:48 +0100
Cc: tcpws@psg.com
Delivery-date: Sat, 19 May 2001 10:27:00 -0700
Envelope-to: tcpws-data@psg.com

On Sun, May 20, 2001 at 03:36:54PM +0530, mpradhan@healthnet.org.np wrote:
> The dual IP seems working but the problem is as follows:
> 
> If I use the valid IP in the IP address part of workstation for example:
> IP address: 202.52.231.197
> Subnet mask 255.255.255.224
> 
> then I can not telnet with the private IP(192.168.0.1) but I can telnet 
> with valid IP . Earlier I could telnet with private IP even if I have put 
> valid IP in the IP part of network neighborhood of workstation.

I am afraid you are making very little sense, and you will need to draw a
diagram to explain what you are trying to do.

Do you have two physically separate networks, one with private IP space and
the other with public? e.g.

                                 Internet
                                    ^
                                    |
                                  Router
             202.52.231.192/27      |<z>
           --------------+----------+--
                         |<x>
                     Linux box
                         |<y>
           --------------+-------------
             192.168.0.0/24

Or are you using "IP aliasing" so that some boxes have two different IP
addresses on the same network?

                                 Internet
                                    ^
                                    |
                                  Router
                                    |202.52.231.<z>
           -+------------+----------+--
            |            |202.52.231.<x>
            |            |192.168.0.<y>
         Other        Linux box
       workstations

If it is the latter, then how it works will depend on which IP address the
'other workstations' have and where they point default route.

If an 'other workstation' has a 192.168.0 address, and points defaultroute
at the Linux box, it should be able to see both public and private networks.

If it has a public address, and points defaultroute at the router, then it
will not be able to see the 192.168.0 network, unless you add an appropriate
static route on the router. However in many cases you don't _want_ boxes on
public addresses to be able to see the private network, because the NAT box
acts as a kind of 'firewall' between the private and public networks.

Windows protocols (i.e. Netbios and SMB) may get confused if you try to NAT
them. You could configure the Linux box to allow forwarding without NAT
between the 192.168.0 and 202.52.231.192 networks, but then you lose any
'firewalling' protection you may have had. I would suggest you keep all
Windows boxes (workstationsm, NT servers etc) on private addresses. If you
can keep them on a physically separate network, as per the first diagram
above, then so much the better.

Sorry I can't give a specific answer to your problem unless you are more
specific about how your network is constructed.

Brian.

Prev by Date: Re: dual IP
Next by Date: Re: dual IP
Prev by thread: Re: dual IP
Next by thread: Re: dual IP
Index(es):
- Date
- Thread