0

Happy Holidays everyone!!

I am a newbie to Linux and I just purchased a high-end server for my start-up. After much research, I have decided to set up the machine with Linux.

My problem is more related to TCP/IP.

I am setting up the server to host my website and act as the center peice of my LAN until I can purchase addittional equiptment. The server has 2 NICs. One is connected to the net, the other is connected to my LAN.

My question is:

Should I keep my IP address, Netmask, Network, and broadcast addresses on both cards the same since they each connect to different zones of influence, my intranet and the internet? If I have to make the addresses for my subnet different, what range of addressing should I use if I am using a class B network size and allowing for 510 hosts using a subnet mask of 255.255.254.0?


Thanks,
Mike

5
Contributors
8
Replies
11
Views
14 Years
Discussion Span
Last Post by piratheepan
0

I don't think your question has anything to do with Linux, more about Networking. The best man to answer this question is MAD_DOG on these forums. I'll get him to take a look at this question ASAP.

Don't give up, I'll hope to get this answered by tomorrow.

0

The one going to the WAN gets its information from a DHCP server or you supply it (you should know it already). Both nics should have different information. The Intranet should have a unique IP that is on the same network as your other computers (same subnet mask!). Class B is 255.255.0.0 or /16. Search google.com for Linux IP Masquerading HOW-TO or something.

With Linux 2.4.x you'd want to use iptables to forward the Internet to the LAN. You would also use it to port forward. It's very easy (with the HOW-TO).

0

Well, if you have a really crappy computer (like a 100mhz machine, laying around), and you want to make it your firewall and dhcp server, I highly suggest Smoothwall. All you need is two network cards, a 500mb hard drive, and an old processor, however you need a keyboard and monitor to install it (can be removed after install).

Smoothwall makes the machine into a high proformance linux router. All administration is done via a web interface, but can also be done using ssh. It works extremely good, and is a corporate class firewall. I speak with experience - I use it.

0

I am new to networking and linux, so all of your comments and suggestions, I value highly. I'm a graphic artist and web designer. I also have a great desire to do everything myself and I love technology.

Why am I telling you all this?

In trying to start my business I want to educate myself in networking and running my own server/s that will fulfill all my future and business needs.


--Good point about the Linux router. I have a P3 system that I don't use much anymore except for secretarial type matters. I could also build one using some extra components that I have lying around. Plus, building a seperate firewall/router will relieve the server of some work.

Linux question. ----I'm using Redhat 7.3---

The literature I have on Linux and my research on the net has failed to come up with a comprehensive description of the package groups offered in the Linux Package Group Installation during the installation process.

For example: Do I need to install the group named Network Managed Workstation if I am only using the computer as a server?

What is the significance of loading the Authoring and Publishing, Kernal Development, and Software Development packages?

Will installing those packages compromise my server's security? Is the Kernal Development package for editing the kernal and drivers or does it actually allow for reprogramming the kernal and operating system itself?
The same quetions apply to the Software Development Package?

Thanks,
Mike

0

The best thing to do is not install an entire category, but rather only the certain components of a category that you think you'll need. Over time, after using your system for awhile, you'll become familiar with the packages you use all the time and the ones you never touch.

Despite fear of sounding too cocky, I'm going to point you in the direction of a nice post I have here: [thread]378[/thread] which illustrates all of the different methods one can install rpm packages through RedHat, and just how great this package management system really is.

Don't get too caught up in making sure you have every single package you need installed, or too many installed, when you first set up/install your system. Play around a bit, get familiar with your personal needs and wants, and keep in mind that installing or uninstalling a package is always only a single command away.

Kernel development is always a good idea to install right off the bat, as it includes (as far as I can remember, anyway) the kernel source files. If my memory escapes me, for some reason, and the kernel source files indeed are not in the "kernel development" category ... then make sure you install them from whichever category they're in. They are needed to compile any program from its source, which is extraordinary handy. (It's mandatory to have to install many programs, including the NVidia display drivers should you have an Nvidia brand video card).

The packages in the Software Development category are mostly compilers and IDEs ... you'll need these if you're a programmer. (e.g. you want to write programs in C++, Java, shell scriping, etc etc etc).

Authoring contains packages such as word processors, text editors, etc. It's not necessary to install everything here. At bare minimum, though, choose your favorite text editor and install it. If you're a console guy, install a command-line editor such as jed, joe, or vi/vim, in addition to a GUI one.

Personally, I love the program called mc, Midnight Commander, which I believe is in the File Management category of the RedHat CD. It's a console clone of the old DOS file commander.

The only packages which can truly absolutely compromise your server's security right off the bat (although almost all can in some way or another) are in the Server and Daemons categories. It's not a good idea, for example, to run and install the Apache daemon if you're not going to be hosting a site. Otherwise, you're leaving port 80 open. The same goes for an FTP daemon, ssh daemon, telnet daemon, etc. All of these are servers which leave ports open.

Also, make sure you install a firewall, should you not be using a hardware firewall or the like. Lokkit is the firewall program which comes with RedHat. Personally, I don't use a firewall program on my Linux box, as it is behind my WinXP machine on my home network, which runs Norton Internet Security.

Good luck!

0

Just a little addendum... make sure you install GCC and its dependecies. If you ever need to install anything that isn't distrubuted by RPM, you're going to need to build it from the source, which requires GCC.

I'm pretty sure this is in the Software Development section.

0

Yeap, gcc is a c++ compiler, and therefore in the Software Development category. You can also use gcc-java (I believe it's called this), etc for support for java and other languages.

0

u should have a different ip address on a both nic but u should have common ip address for ur lan.

for having 510 host u can use 255.255.254.as a subnet mask and the range of ip address for example if u consider 128.12.0.0 as ur ip address u can choose the range from 128.12.2.0 to 128.12 .3.255 but here 128.12.2.0 is ur network address and 128.12.3.255 is ur broadcastaddress so u cannot use this two ip for ur host ip address remaning ip can be used. this is for setting 510 host. for different host the range of ip address changes if u have any doubt mail it to my email id piratheepanccna@yahoo.co.in


piratheepan

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.