Date:      Mon, 15 Mar 2004 18:09:19 +0200
From:      "Toomas Aas" <toomas.aas@raad.tartu.ee>
To:        Robert Storey <y2kbug@ms25.hinet.net>
Cc:        questions@freebsd.org
Subject:   Re: bypassing a proxy server
Message-ID:  <200403151609.i2FG9feX015785@lv.raad.tartu.ee>
In-Reply-To: <20040315201004.21d1a6f1.y2kbug@ms25.hinet.net>

Hi!

> Furthermore, I want the FreeBSD machine to run an anonymous ftp
> server. Forgive the crappy drawing (I never claimed to be an artist),
> but this is how the network looks at the moment (except that there
> are 10 Windows clients, not 2):
> 
> 
>                                          |-------|
>                                          |windows|
>            |------------|    |------|    |client |
>            |  Win2000   |    |      |----|-------|
>  T1--------|proxy server|----|switch|
>            | & gateway  |    |      |----|-------|
>            |------------|    |---|--|    |windows|
>                                  |       |client |
>                                  |       |-------|
>                                  |
>                            |-----|----|
>                            | FBSD ftp |
>                            |  server  |
>                            |----------|
> 
> OK, I'm convinced, running a ftp server from a NAT gateway is a
> disaster. So I'm looking for a way around it. I have an old unused hub,
> and I've been thinking that this might be a possible solution (sort of
> like a DMZ?)...
> 
>                                          |-------|
>                                          |windows|
>            |------------|    |------|    |client |
>            |  Win2000   |    |      |----|-------|
>  T1--HUB---|proxy server|----|switch|
>       |    | & gateway  |    |      |----|-------|
>       |    |------------|    |------|    |windows|
>       |                                  |client |
>       |                                  |-------|
>       |
>  |----|-----|
>  | FBSD ftp |
>  |  server  |
>  |----------|

Yes, with that kind of setup your FTP server is likely to be much 
more accessible than with the previous one :-)

Assuming, of course, that the external interface of the Windows 2000 server 
is Ethernet and there are no tricks like PPPoE involved.

> The only problem I see here is I don't know how I'm going to get an
> address for the ftp server. The Win2000 gateway has a static address, it
> dishes out addresses to the clients with dhcp. The NAT addresses are of
> course internal addresses like 10.0.0.12, but the school does own a
> block of 64 static addresses. 

Well, then you just need to ask your school's admin to give you one of 
those static (I assume you mean public?) addresses and assign it to 
your FreeBSD machine manually. 

> If I simply stick a hub in front of the gateway machine, all traffic
> to the gateway will also be sent to the ftp server - I know that will
> cause packet collisions, but I can live with the crappy performance
> because it's a very low traffic environment. My main concern is
> simply how to assign an address to the ftp server without
> disconnecting the gateway machine.

You just need to assign an address which is different from that of the 
public interface of the Windows server :-) Otherwise the Windows admin 
*will* come for your head :-)
--
Toomas Aas | toomas.aas@raad.tartu.ee | http://www.raad.tartu.ee/~toomas/
* I've got a life but it won't run on my operating system.


