[Coldstuff] IP Masq / forwarding
Bruce Mitchener
coldstuff@cold.org
Wed, 20 Feb 2002 13:05:31 -0700
Brandon Gillespie wrote:
> On Wed, Feb 20, 2002 at 11:19:31AM -0800, Jonathan Robertson wrote:
>>I am going to be toying around with the idea of using
>>ip masq and forwarding to hide my server behind
>>another firewall. Has anyone else already done this?
>>Comments or suggestions from anyone?
>
> Please correct me if I'm wrong, but isn't linux's IP masquerading just
> PAT/NAT? If so, its not really appropriate for a server (inbound) and
> was originally designed to hide a network behind a single IP address
> (outbound). While you can manage inbound on a port by port basis to a
> server... why would you in this situation? It would work, but you
> dont get much value and you do get more complexity...
Speaking for myself, I use NAT because I have a single IP at home and
have 4 machines. I run multiple Cold servers, multiple SSH servers,
multiple web servers, and so on and need them all publicly accessible
from the outside world.
NAT works just fine for that.
- Bruce