Electronic Books

This is a good arrangement for several reasons. For one thing,
the IP addresses of your private computers are not exposed to the outside world. Also,
you can save the cost of paying your ISP for permanent IP addresses.
 DHCP service??”Many firewall systems can act as a DHCP server. Those private IP
addresses you can use with a NAT firewall can be assigned from the DHCP service running
on your firewall system. When the client computer on your LAN starts up, besides
its IP address, your DHCP service can tell the client the location of its DNS server, gateway
to the Internet, or other information.
ISP
Linux Workstation Route to Internet
Linux
Broadband
Connection
DSL router
or cable modem
Firewall
(iptables)
DHCP
182
Running the Show Part II
 Routing??”In the home and small-office LAN environment illustrated in Figure 5-3, the
firewall computer often has two Ethernet interfaces: one connected to the LAN and the
other to the DSL or cable modem that leads to the ISP. Because the Ethernet interfaces
are viewed as being on separate subnetworks, the firewall/router must be configured to
forward packets across the two interfaces. It??™s not a big deal, but it does require a separate
step to tell the firewall system that you want it to forward packets between the two
subnetworks.


Pages:
390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414