Re: [PLUG] Samba changes

["Austin Murphy" <austin.murphy@gmail.com>]

On 5/24/07, Art Alexion <art.alexion@verizon.net> wrote:
> On Thursday 24 May 2007 15:19, Austin Murphy wrote:
> > Either I don't understand what you are doing or you are
> > way-overthinking this problem.  There should not be any "WAN" links
> > with both ends on your premises.
>
> Perhaps I misused the term.  I was using it in the way that the router
> configuration interface uses it, i.e. connections to the ISP/Internet vs. LAN
> being connections to the local private network.

OK. It's not really a big deal.  I was concerned that maybe you had a
separate network segment for each link.  That would have been strange.

> > The standard configuration for something like this would be to let the
> > router assign all your internal IP's.  You can make the IP assignments
> > static in most routers.    It would end up looking something like
> > this:
> >
> >   Router:
> > public side: ISP assigned public IP addr.
> > private side: 192.168.1.1
> >  Wired:
> > rodney: 192.168.1.10
> > chubby: 192.168.1.11
> >    Wireless:
> > stinky: 192.168.1.20
> > nighttime: 192.168.1.21
> > sara: 192.168.1.22
>
> OK.  This I can I can do, and in the process I guess I should eliminate the
> IPs in the wired computers' hosts files?  Should I replace them with the
> newly assigned static IPs?  The other thing I can do is configure the router
> for the existing static IPs.  Is that a better approach?  (On second thought,
> maybe that won't work because the router uses the 192.168.1.2-64 range, and
> the existing IPs are in the 192.168.0.1-4 range.)

My advice would be to stick with DHCP in any broadband router.

Try this:
1. eliminate the extra entries in your hosts files. (leave the
original entry for 127.0.0.1 localhost)
2. Set each system to use DHCP to get an IP automatically from the
router.  This will also get the netmask, gateway IP, and DNS server
IP's which saves you from manually configuring each system.
- Many routers can display this table of IP addresses with the MAC
addresses of each system.  Many routers also give you the option to
"lock-in" this MAC-->IP mapping. It may also give you the option to
set a local domain suffix and DNS names for each system.
3. Go ahead and lock in each mapping.  If your router has a different
configuration system, find out how to make the MAC-to-IP mapping
permanent. The point is for the same system to get the same IP address
everytime using DHCP.

If the router does not serve up DNS names for local systems, you can
recreate a fresh hosts file and copy it to each system.  Otherwise you
could just refer to the systems by IP address.

> > Most routers also have "DMZ" function that would allow one of your
> > internal systems to have all externally originated traffic to be
> > forwarded to.  This is useful to run an SSH, web or mail server.
>
> I'm not sure about this, but I am most concerned with file and printer sharing
> for now.

The DMZ only matters if you want to access your internal network from
the internet.  If you don't want or need to access your internal
private network from the internet now, you don't need to configure
anything related to a DMZ.

If you can't ping rodney from chubby in the new configuration, you
might have a firewall setup.  The default "firewall" configuration on
a typical router will not block internal-to-internal communication.
If you changed that, it could be a problem.

Austin
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug