Need network advice
Chuck Kuecker
ckuecker at ckent.org
Fri Jun 25 12:25:44 UTC 2010
Hello,
I am running Ubuntu 9.10 for my DNS, web page, and email server, as well
as to develop embedded Linux code for a customer. I have a development
kit that needs to access the Internet to serve an internal web page. My
Internet connection is T6 wireless broadband, and I have a static IP.
I installed a second Ethernet card in the Ubuntu box for the embedded
device to connect to. It is running on the 10.0.0.x network. My main
local network between the broadband modem and other computers, including
the Ubuntu box, is 192.168.0.x.
The problems: First, I am running Firestarter as an interface to the
firewall, and have it set to allow traffic to my email and web servers
from the Internet. My DNS setup is working fine for this. When I have
the firewall enabled, the 10.0.0. network cannot reach the Ubuntu
machine for TFTP, HTTP, or email. If I disable the firewall, I can talk
to the development system via TFTP, and see the internal web page if I
enter the local IP in Firefox. The IP of the Ubuntu port is 10.0.0.1,
the development system is on 10.0.0.2. I can TFTP from the dev system to
the main box at 192.168.0.200 with the firewall off, but this fails with
the firewall on. I don't see any rules in Firestarter that should cause
this. A fix would be nice in that I would not have to kill the firewall
every time I want to access the development system, but if it's too much
trouble, I can live with this.
Ultimately, I want the local DNS server to steer HTTP traffic for the
development system to its' internal IP, while HTTP traffic to my regular
web site goes to the main web server on the Ubuntu box at 192.168.0.200,
so my customer could access and interact with the development system.
Obviously, I cannot give him the internal IP address to put in his
browser. I think I need to make changes to the BIND configuration files,
and have studied the O'Reilly DNS and BIND book, but I just get more
confused.
I can post my DNS zone files if that helps.
Another thought occurred to me - could I simply put the development
system on the 192.168.0 network, and have my DNS steer traffic directly
to that IP? Do I really need two Ethernet ports in the main computer?
Maybe I am making this more complicated than I need to. I only installed
the second port because the examples in the O'Reilly book seemed to make
that look like the only way I could get it to work. The firewall issue
did not exist when everything was on the 192.168.0 network.
Any help would be greatly appreciated. I'm not a network person!
Chuck Kuecker
More information about the ubuntu-users
mailing list