[MLB-WIRELESS] IP Tables.

Zoi Jones zoiqq at yahoo.com.au
Wed Apr 6 22:54:20 EST 2005


Thanks David,

I will have a play with RIP with your idea about a setup...

OSPF however I don't know much about (will google it)

Is there much to setting up OSPF?

Phil.


--- David Ashburner <d_ashburner at hotmail.com> wrote:
> >Ok,
> >
> >So I need to setup my p2-333 with SHOREWALL maybe ?
> 
> You could do it that way. Here's another:
>
> Instead of bringing everything into a single routing box continue to treat
> both your external interfaces as separate connections.
>
> 1. Your Internet connection is already firewalled and doing everything you
> need it to do through the Netgear DG814 aDSL Modem/Router.
>
> 2. Separate the MW part of your node from your private stuff. It sounds like
> you have set up a private LAN with a couple of segments - routed via
> wireless. If you want to make the wireless part "public" then think about
> having a router/firewall between the (local) part of your private LAN and
> the wireless stuff (becomes a public segment with multiple wireless
> interfaces)
>
> 3. Use your WRT54G to connect between your private segment and the new
> wireless public segment. Set up the firewall on the WRT to protect your
> private stuff in the same way as you set up the firewall on the DSL side -
> block all incoming except those services you want to forward to specific
> servers.
>
> 4. Use Melb Wireless IP addresses for all the inter node set-up. To extend
> your private network between your nodes you now need to traverse the public
> space, use some VPN type software or set up encrypted tunnels through the
> public space (I use ssh tunnels like this across the internet between Melb,
> San Francisco and Austin).
> 
> --- sidebar ---
> My node is set up this way -
> http://www.melbournewireless.org.au/wiki/?NodeHYA
>
> I'm not as advanced as you are with connections or extending the private
> segment across the public space but I don't see why it wouldn't work.
>
> You will notice that I have a physical public segment outside the firewall,
> it's effectively a dmz zone where I can put servers if I want/need to
> rather than contacting them using port forwarding. I have my second WRT
> connected to my private segment via the WAN port.
>
> --- end sidebar ---
> 
> or - do something simpler ....
> 
> 
> OK - so that's the physical connection side. Next you need to think about
> your routes.
>
> In your private space you need to be able to resolve 3 address groups,
> parts of your private space, the Internet and Melb wireless. Your default
> route will probably stay being the DSL router. The VPN endpoints will pick
> up the routes for the remote parts of your private space and you set the WRT
> to be the default route for any 10.10.0.0 traffic.
>
> In your public space (the MW side) you will need to set up routing to get
> traffic to the right adjacent nodes. That's where the RIP / OSPF type
> configuration comes into it, or if you are configuring the Node that is on
> the edge of your control BGP.
>
> Sorry, too much Alphabet soup.
>
> Bring this up at the meeting on Friday when you get there, it's a great
> discussion topic. Perhaps we could collectively white board a couple of
> solutions and use the combined wisdom to come up with the simplest / most
> effective.
> 
> 
> 
> To unsubscribe: send mail to majordomo at wireless.org.au
> with "unsubscribe melbwireless" in the body of the message
> 
> 
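
Added example, not part of the original thread: a shell function that generates an iptables-restore ruleset for the firewall described in step 3 of the quoted message, dropping everything that arrives from the public wireless segment except services forwarded to specific private servers. The interface names, the sample server addresses and the masquerading of outbound traffic are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for the router that sits
# between the private LAN and the public wireless segment.
PRIV_IF="${PRIV_IF:-eth0}"   # assumed name: interface facing the private LAN
PUB_IF="${PUB_IF:-eth1}"     # assumed name: interface facing the public segment

# usage: wrt_ruleset proto:port:server_ip [...]   (one spec per forwarded service)
wrt_ruleset() {
    nat="" fwd=""
    for spec in "$@"; do
        proto=${spec%%:*}; rest=${spec#*:}
        port=${rest%%:*};  server=${rest#*:}
        # Refuse malformed specs instead of emitting a half-valid ruleset.
        case "$proto" in tcp|udp) ;; *) echo "bad protocol: $spec" >&2; return 1 ;; esac
        case "$port" in ''|*[!0-9]*) echo "bad port: $spec" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $spec" >&2; return 1; }
        case "$server" in
            ''|*[!0-9.]*) echo "bad server: $spec" >&2; return 1 ;;
            *.*.*.*) ;;
            *) echo "bad server: $spec" >&2; return 1 ;;
        esac
        nat="${nat}-A PREROUTING -i $PUB_IF -p $proto --dport $port -j DNAT --to-destination $server:$port
"
        fwd="${fwd}-A FORWARD -i $PUB_IF -o $PRIV_IF -p $proto -d $server --dport $port -m state --state NEW -j ACCEPT
"
    done
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# assumption: private addresses are hidden behind the router's public address
${nat}-A POSTROUTING -o $PUB_IF -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $PRIV_IF -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $PRIV_IF -o $PUB_IF -j ACCEPT
# only the forwarded services below may start connections from the public side
${fwd}COMMIT
EOF
}
if [ "$#" -gt 0 ]; then wrt_ruleset "$@"; fi
```

The output can be checked without loading it by piping it to `iptables-restore --test` on the router.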
