From: "rio@martin.mu" <rio@martin.mu>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Linux router and Bandwidth control
Date: Thu, 26 Jun 2003 03:11:16 +0000 [thread overview]
Message-ID: <marc-lartc-105659722508041@msgid-missing> (raw)
In-Reply-To: <marc-lartc-105654378716670@msgid-missing>
Hi all,
About servers in private network, could you all mention good points why
servers should be put in private network. I must write down some reports
about these, because during this week, i have new jobs maintaining new
organisation that still put their servers in public ip range. I ve just
moved several servers like mailserver,dns,web to private network. And soon
all servers will be moved to the private network.
Thanks.
Regards,
Rio Martin.
Original Message:
-----------------
From: Leigh Waldie lartc@thisisnota.co.uk
Date: Wed, 25 Jun 2003 16:42:26 +0100 (BST)
To: lartc@mailman.ds9a.nl
Subject: Re: [LARTC] Linux router and Bandwidth control
> Hi Joe,
>
> I see no real reason giving the servers real IP addresses, you're better
> keeping the NAT and forward the ports to the private address.
> If you have more than one mail server, you can map diffrent public IP
> address
> to a diffrent private address. this will also keep your servers safe...
>
Agreed this is of course the best way to secure lots of servers.
And if you like the look of "wrr" as a qdisc,
(and it does seem to have some very advanced features -
such as the ability to "spot" large downloads and
automatically decrease the available bandwidth for that
connection for the duration of the download -
although I could be wrong in my understanding of this) ,
then you can still use this qdisc with a NATing router,
so have a look at their site anyway.
The suggestion of a bridge was intended as a simple "no fuss"
solution which can easily be bypassed in times of need -
such as component failure - by simply taking the cable out
of the bridge and plopping it straight back in the router.
I was of course assuming that your "friends" would take
care of their own security, thus removing the burden of you
even telling them about the traffic shaping as well as
preventing you from having to manage all their port forwarding
requirements.
I'm sure the whole business of traffic shaping is far too
complicated for any one answer to be correct even one percent
of the time so I accept that this answer may be useless for you.
Good luck!
Leigh
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2003-06-26 3:11 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-25 12:33 [LARTC] Linux router and Bandwidth control Joe
2003-06-25 13:33 ` rio
2003-06-25 14:04 ` Leigh Waldie
2003-06-25 15:19 ` Shay Bosse
2003-06-25 15:22 ` Joe
2003-06-25 15:23 ` Joe
2003-06-25 15:42 ` Leigh Waldie
2003-06-26 3:11 ` rio [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-105659722508041@msgid-missing \
--to=rio@martin.mu \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.