This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Subject: Re: Multiple machines, one IP address. From: Ramon Gandia <rfg@nook.net> Date: Fri, 07 May 1999 10:05:40 -0800 Cimarron Ryan wrote: > > I'm looking at a grim situation: I have two computers, but soon I will only > have one IP address on the network. Is it possible to use my one IP address > for both machines? I have to admit, I don't really understand how a proxy > server or firewall work... would setting one up in linux allow me to keep > both machines online? (Sorry if this question sounds like nails on a > chalk board... I could be waaaay off, and I know it.) You cannot have two machines on the same network with the same IP address. However, it is possible to have any number of machines on the network appear to the outside world as the same IP. Not quite the same thing. Here is how. You use NAT -network address translation- on your router. Your router connects to the internet somehow, and it uses the assigned IP address. For example, 205.123.45.67 On the ethernet or LAN side of your router, you have a different network entirely. This should be a private network, like the 192-168 series. For two machines, you would have this: 1. Network number 192.168.5.0 2. Router itself 192.168.5.1 3. Machine 1 192.168.5.11 4. Machine 2 192.168.5.12 Please note that at this point the internet cannot see or ping your machines and vice versa. Now, you activate NAT on your router. Lets say you want to surf www.redhat.com. The request from your Netscape browser on machine 1 goes to redhat.com on port 80. This is the standard "callup" port number for web. This call is sent to your gateway or router which intercepts the call. The router then passes the call to redhat, but tells it that the call is coming from itself, 205.123.45.67 port 12345 (any arbitrary port). The response comes back from redhat on port 12345. At this point the router -which keeps track of these things- realizes that 205.123.45.67:12345 is actually a reply to your box #1. It then forwards the ip packet to your box #1 using 192.168.5.11:80. There are several ways you can have a router do this. You need a router. This can be a commercial router, or a Linux box running IPMasquerade. The Linux box is a good learning tool; the ipfwadm or ipchains package is what you want, and its similar to Cisco in syntax. If your network is at all serious, like a home network where the kids and wife need internet access via the router at the same time you do with your Linux box, then it will be best to have a separate Linux box do the routing than the one you use yourself. Otherwise you will have a situation like this: Secretary Susie at your office door "Mr Ryan, when will you be done with your computer so we can access the internet?" My observation has been that once a computer is used as a router two things will happen: it either does nothing else but routing, or 2 the network breaks frequently. Thus if you use Linux for a router -other than a learning period- you need a separate Linux box for it. The other solution is a prepackaged router that does NAT. There are some inexpensive ones that work via regular modems such as the WebRamps. http://www.rampnet.com Not much money, they go for about $350 less modems, and you get a web-based setup interface. Dead easy to setup. There are routers from that point on in the scheme of things that will do the job, like a Cisco 2501 if you have a T1 to the internet! ===