2 Ip's.. best layout?

R

ranstlin

Weaksauce
Joined
Mar 1, 2003
Messages
75
Ok, I've got 2 IP addresses from my cable provider and I want to use one ip for solely my main machine and the other one for the rest of the house to use behind a router. But I also want to be able to access the files the rest of the house has available.

Here's a picture of the current layout:
netdiag.gif


I know this setup isn't the best, so that's where you guys come in. What I want to know is what is the best way for me to layout this setup so that i only use the internet through my personal ip address and use the other nic just to share files with the rest of the house. I of course would like this to be as secure as possible so let me know what you think I should do. I just recently had to take all of this down because of painting done in the house. So before i set it back up I wanted to know the best course of action. I can reorganize anyway necessary with additional switches, nics, or machines. Thanks.
 
Why does your main machine need to be in the DMZ?

I ask because a DMZ is supposed to be disconnected completely from your main network ( I have rules on my firewall to block any traffic from that machine to the rest of my network, as a matter of fact ). If you can put your main machine behind your firewall, that'd solve your problems, and it's the best solution.
 
It needs to be dmz because i play multiplayer games on it plus i like to serve a few files from it from time to time. So a pretty good deal of incoming connections are necessary. I'm pretty sure the new version clarkconnect has 1-to-1 Nat, so i could run the other connection through the clarkconnect box if that would help.
 
ranstlin said:
It needs to be dmz because i play multiplayer games on it plus i like to serve a few files from it from time to time. So a pretty good deal of incoming connections are necessary. I'm pretty sure the new version clarkconnect has 1-to-1 Nat, so i could run the other connection through the clarkconnect box if that would help.
Click to expand...

Well with the setup in the picture you are opening up your network to the outside world. I'm assuming that the main machine is running windows.
 
Personally i'd scrap the second IP and put all your systems on the router/switch...

Then when you need to serve files or multiplayer games, just forward the required ports to your server/gaming machine.

This will allow you to do to file sharing etc. without any hassle. Having that second IP isn't going to double your available bandwidth or anything and the router should be able to handle the incomming connections without any problem as long as you configure it properly. DMZ is the easy way out really and totally unnecessary.
 
I had a 2nd IP not too long about, before SBC jacked up my ADSL line... but anyway...

If you eliminate the connection from the Main Machine to the bigger switch, you'll have a setup like what I had. Where your Main Machine is, is where I put my Linux box. and Like i said, Eliminate the connection to the bigger switch, it's unecessary.


This way, both your MAin Comp and your Router get an IP. The main computer is directly attached to the internet, so u might think about software firewalls, etc. If the main comp needs to do anything to the internal LAN, it needs to go through the Clark Connect box just like any computer out from the net. This may limit what you can do on the rest of the computers on the LAN, but at least if the Main computers gets pwned, your whole lan wont be infiltrated as easily.
 
You must log in or register to reply here.
Back
Top