network question - is this unusual?

Daniel B. Thurman dant at cdkkt.com
Sun Jun 7 02:27:42 UTC 2009


Bill Davidsen wrote:
> Daniel B. Thurman wrote:
>> Gerhard Magnus wrote:
>>> I recently had to deal with my ISP about a connectivity problem that
>>> turned out to be on their end. (The tech referred to linux as lie-nux
>>> and insisted on doing everything in XP which I fortunately had
>>> dual-booted.) But in the process of working through this it was
>>> necessary for me to describe the way I'd set up my LAN here and he
>>> seemed incredulous. This wouldn't bother me except that I've gotten this
>>> reaction before from people in the outside world but never an
>>> explanation. So I'm asking: is there something weird about this
>>> structure? Is there some "better" or more standard setup?
>>>
>>> The Actiontec DSL modem provided by Quest plugs into the phone
>>> jack. The Actiontec is an older model with only one ethernet plug. Since
>>> I have four boxes, two of which are dual booting Fedora and XP, I have
>>> an ethernet cable connecting the modem to the DSL plug of a Linksys
>>> router. I then have separate cables connecting the four outlets on the
>>> router to each of the four boxes. (I did all this cabling at a time
>>> before wireless routing was as available and cheap as it is today.)
>>>
>>> Each of the six operating systems (4 linux and 2 XP) has a static IP
>>> address and each has a firewall. I have NFS running on the linux
>>> systems. There's another firewall on the router, which is currently
>>> port-forwarding only ssh and torrent data from the outside world.
>>>
>>> I thought I'd check this out before going further....
>>>   
>> I have done this many times, as far back as I can remember
>> so I'd think it's pretty common.  I have found that some of
>> the first-line techs can be pretty clueless, so you could force
>> escalate to a higher level tech if you are not getting anywhere
>> or, do the research yourself.  Kind of hard to do without an
>> Internet connection ;)
>>
>> My home system uses a Westell modem, in bridge mode,
>> and is hooked to a Trendnet 300Mb/s wireless router.
Drat.  Sometimes I screw up when writing.  The Wireless router
above is actually behind the firewall, is on the private LAN,
is on a private switch.
>>
>> At another place, I have an ActionTec with Quest branding,
>> pretty azure/blue glow lights modem.  This one is wireless
>> but without the module and I declined the upgrade (cuz it was at
>> rip-off prices at the time) and got a better deal for an Airlink 150N
>> wireless router at sale prices.
>>
>> As with both modems mentioned above, the setup is to set the
>> modems in "bridge" mode, which means all data is passed through
>> with no restrictions.  After that, just hook up the Ethernet cable from
>> the modem to your (wireless) router's WAN connection.  What's left
>> then, is to configure the firewall settings on the router.
>>
> In bridge mode does your ISP see all the MAC
> addresses directly and assign IPs?
ISP to Assign IP addresses, Yes.
ISP/DSL-Line sees ALL MAC addresses, No.

The FW router *might* expose its own MAC address but
not the private LAN MAC addresses of systems/devices
behind the FW router.

The FW router's Static/Dynamic public IP address is exposed.
All/Some internal private systems' gateway address settings
point to the FW router in order to access the Internet.
> I have been told by friends that the more typical thing is
> that the modem (wireless + four wires mostly) has DHCP and
> does NAT so everything takes but a single IP.
If the modem/(WiFi-)router also provides a POTS jack, then true.
If you have multiple IP addresses, one is assigned to the FW
router, and the rest of the IP addresses are NAT assigned to
the private but "public" system(s) of interest.
> My firewall makes sure that happens, my one ISP is a business
> connection with static IPs rather than DHCP, but the other is
> a telco, and I keep a low profile.
Ok.

This is the general setup I have:

     v[Different Domain name providers]
     v[Different Internet provider]
     v[Verizon(DSL-LINE-ONLY)]
ISP1-->Westell---->SonicWall-router-->switch--->PrivateLan
         ^             ^                     \->WLRouter
   [BRIDGE MODE] [Firewall Routers]
         v             v
     v[Different Domain name providers]
     v[Different Internet provider]
     v[Quest(DSL-LINE-ONLY)]
ISP2-->ActionTec-->AirLink-router---->switch--->PrivateLan


Hope this answers your questions!