[clug] LAN

miloska miloska at gmail.com
Tue Sep 24 13:10:36 CEST 2013 

np

Why do you want static routes?

As long as all devices in the same IP range no need to any routing settings
at all (except the default gateway, but DHCP will do that for you).


On Tue, Sep 24, 2013 at 9:02 PM, Logan McLintock <u4955237 at anu.edu.au>wrote:

>  Thanks for the quick reply
> You are right, you can do static routing on my netgear - i did know this,
> so stupid. Not sure if I can static 9 routes though - but I will
> investigate
> Also, good point, the LAN should be secured by the router firewall =)
> I will investigate -)
> Thank you
>
>  ------------------------------
> *From:* miloska [miloska at gmail.com]
> *Sent:* Tuesday, September 24, 2013 8:16 PM
> *To:* Logan McLintock
> *Subject:* Re: [clug] LAN
>
>   Please note that you sent this email only to me, not to the list.
>
>  My recommendation would be to set up the DHCP server to give static IPs
> for known mac addresses - this is what I have at home myself with my
> beloved raspberry pi. Most likely your rotuer has this option - it's a bit
> of a work to find all MAC addresses, but it also should be there somewhere
> in your router's configuration interface.
>
>  Also there is no direct connection between the static/dynamic IPs and
> the packetfilter configurations - I'd recommend do one thing at a time. As
> it's an internal network I wouldn't worry too much about the filtering
> anyway (as long as the main firewall is maintained correctly).
>
>  Cheers,
> Miklos
>
>
>
>
> On Tue, Sep 24, 2013 at 8:09 PM, Logan McLintock <u4955237 at anu.edu.au>wrote:
>
>>  Sorry for the delay,
>>
>>  ANU moved my email to Outlook Office 365 (micro$oft lol), so I was
>> wondering where my email was getting to . . .
>> I will have to fix my email settings lol
>>
>>  My problem is, my current network is DHCP and I need static ip
>> addresses to use MPI and other parallel computing. But when I change a
>> computer to a static ip, after a while the internet doesn't work properly?
>>
>>  For linux:
>>
>>  sudo iptables -I INPUT 1 -i lo -j ACCEPT
>> sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j
>> ACCEPT
>> sudo iptables -A INPUT -p tcp --dport 22 -s 192.168.0.0/16 -J ACCEPT ***
>> I think this should work?
>> sudo iptables -A INPUT -j DROP
>>
>>  For BSD:
>>
>>  block in all
>> pass out all keep state
>>
>>  *** Not sure how to let in SSH using pf
>>
>> pass in proto tcp to any port 22 keep state ??
>>
>>
>>  That's basically it lol. I was kind of just wondering what you guys
>> would do if you were me? My Mac has 3 by 1 TB WD Black HHD and a 120GB SSD,
>> so should I use that storage to file share as I don't have a NAS?
>>
>>  What should I do to make the network gangster? Thanks -)
>>
>>  Regards,
>> Logan
>>
>>  ------------------------------
>> *From:* miloska [miloska at gmail.com]
>> *Sent:* Sunday, September 22, 2013 5:32 PM
>> *To:* Logan McLintock
>> *Cc:* linux at lists.samba.org
>> *Subject:* Re: [clug] LAN
>>
>>    Hi Logan,
>>
>>  what is the problem with the current setup and/or what do you want to
>> improve?
>>
>>  The current setup looks good for me for a small general purpose network.
>>
>>  Cheers,
>>
>>
>> On Sun, Sep 22, 2013 at 5:24 PM, Logan Ryan McLintock <
>> u4955237 at anu.edu.au> wrote:
>>
>>> Oh I forgot to mention (this may or may not be important) but one of the
>>> computers (Mac Pro) has a lot more power and memory than the other
>>> computers, and it is the only one with double ether.
>>>
>>>
>>> On 22/09/2013, at 5:19 PM, Logan Ryan McLintock <u4955237 at anu.edu.au>
>>> wrote:
>>>
>>> > Hi All,
>>> >
>>> > I was wondering if some could give me some suggestions on my home
>>> network.
>>> >
>>> > I have a;
>>> >
>>> > * N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700v2
>>> >
>>> > * and 9 computers (4 are R Pis lol), all running a Debian or Ubuntu
>>> based distro, except for two running Mountain Lion (I would like to get rid
>>> of Mountain Lion for GNU/Linux, but I am not sure if the drivers, fans,
>>> temperature, efi etc will be ok).
>>> >
>>> > I am thinking that static ip addresses for the computers would be best
>>> as my aim is to;
>>> >
>>> > * Use ssh to perform parallel mathematical simulations (like mpi)
>>> >
>>> > However, I want the ssh to only work inside the LAN with a safe key as
>>> security is important (no WAN access).
>>> >
>>> > My network looks like:
>>> >
>>> > Router ---> 8 port switch -------> computer 1
>>> >                          |-------> computer 2
>>> >                        |-------> computer 3
>>> >                          |-------> computer 4
>>> >                          |-------> computer 5
>>> >                          |-------> 5 Port Switch ---------> R Pi 1
>>> >                                                 |---------> R Pi 2
>>> >                                                 |---------> R Pi 3
>>> >                                                 |---------> R Pi 4
>>> >
>>> > Any suggestions would be greatly appreciated as I am really not sure
>>> the best way to do this.
>>> >
>>> > I have some knowledge of GNU/Linux iptables and freeBSD pf firewall
>>> rulesets.
>>> > I was thinking of making my own router using a computer with two ether
>>> connections, and putting it in-between my NETGEAR router and my LAN, but
>>> this seems complex for a noob like me.
>>> >
>>> > Cheers fellow genii -) cyclops
>>> > Logan
>>>
>>> --
>>> linux mailing list
>>> linux at lists.samba.org
>>> https://lists.samba.org/mailman/listinfo/linux
>>>
>>
>>
>

More information about the linux mailing list