[User] bridged configuration

Jeremy Malcolm jmalcolm at eff.org
Thu Jan 15 10:59:08 PST 2015 

On 14/01/2015 5:42 pm, Ranganathan Krishnan wrote:
>> +---------+    +-------+    +-------+
>> |DSL modem+----+ Linux +----+ Apple |
>> +---------+    |  box  |    |airport|
>>                +---+---+    +-+----++
>>                    |          |    | 
>>                    |          |    | 
>>                 +--+--+       +    + 
>>                 | VPS |      eth  wifi
>>                 +-----+              
>>
>> The DSL modem is currently in bridge mode which means it is invisible
>> to the network, the Linux box receives the WAN IP address from my ISP
>> and is currently doing the NAT and DHCP, and the Airport is also in
>> bridge mode and is only responsible for putting its ethernet ports
>> and wifi onto the same network as the Linux box.
>
> So the OpenWireless router is to replace the Apple airport, I assume.

Yes.

> How important is it that the ethernet ports and wifi be on the same
> network 
> as the linux box ? If it is not critical (if some thing breaks because of 
> additional networks for eth and wifi let me know, there are probably 
> relatively simple changes on the openwireless router that can fix
> that).

There are some services running on the Linux box that use broadcasts
that I'm not sure how to route between networks.  This include DLNA
(UPNP) and perhaps Netatalk (afp).

> Alternatively (and preferable from a security viewpoint) is to connect
> the 
> WAN port on the OW router to the DSL modem and let it get address from 
> ISP via DHCP and do the NAT. Then have your linux box connect to an 
> ethernet port on the OW router (possibly with additional NAT).

That's doable.  I'll just need to shift the firewall rules that I
currently have on the Linux box over to the OW router.

Thanks!

-- 
Jeremy Malcolm
Senior Global Policy Analyst
Electronic Frontier Foundation
https://eff.org
jmalcolm at eff.org

Tel: 415.436.9333 ext 161

:: Defending Your Rights in the Digital World ::


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 244 bytes
Desc: OpenPGP digital signature
URL: <https://lists.eff.org/pipermail/user/attachments/20150115/dd0eaaa3/attachment.sig>

More information about the User mailing list