[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: At Last

To: droege@snapmail.us, TASS <tass@listserv.wwa.com>
Subject: Re: At Last
From: Chris Albertson <chrisalbertson90278@yahoo.com>
Date: Fri, 4 Mar 2005 11:12:37 -0800 (PST)
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=peJjHkcp5gYjIz4shYv0YpvU4RrNI880RduGku78khYavXGXnSEelnJzIlePzGlkEcNNxsSGQ95VrnvqVhmyQkg6ovhMC5TJMO2t69ng0meZu2L39byRpqwSws8B5C2wr5aKhr1Hr+uhi6tEuKcjstue6X6jjVkYVj+INSJc3VU= ;
In-Reply-To: 6667
Sender: owner-tass@listserv.wwa.com

So you have two DSL lines.  One has a dynamic IP address
the other has five static addresses on it.

I assume you want just one network in your house that
all the computers, web cams and so on can use to
intercommunicate AND I assume you want fire walls
setup "correctly". 

This is a complex enough task that you may want a group
of people to discuss a sollution for a while.  Lots of
options.  First off you have without doubt outgrown
what those little "plug and go" routers can handle.

My suggestion would be to set up a router with four
interfaces connected as follows

   1) The "house LAN" no services exposed to the Internet
      only outbound connections

   2) A "DMZ" LAN segmant SSH servers, HTTP, FTP and
      webcam servers.  Accessable from #1 above and
      #3 and #4 below

   3) The "old" DSL services DSL modem

   4) The "new" DSL services DSL modem

I would recommend using a low powered Linux system for
the above router.  It would have four Ethernet cards installed
and run "shorewall" http://www.shorewall.net/
Shorewall is a front end for Linux's native iptables and
makes it work conceptually a lot like Cisco.  It uses
Cisco's "zones" idea  It is easy to use.

The kernel based router would use dynamic tables to assure
continuation of service if one of the two DSL services failed
It could be very robust.  I'd mirrot the routers disk and also
have a tested backup plan for if router smoked that fell back
on the Linksys. 

Action Plan:

Step 1
People who understand this stuff debate the above plan and
add details (like the port numbers, firewall rules. and so
on.)  Rules can be expresed in plain English on a wiki.
I think wiki works best for colaberative design

Step 2
Create a transition plan that is not to disruptive and allows
testing in stages.

Step 3
Draft some poor sysadmin to actually do the work.

Tom has a system that is more complex then many small offices.
I can't think of any off the shelf sollution

--- droege@snapmail.us wrote:
> Many times in the past some of you have asked "how can I help with
> the
> tass project?"
> 
> At last here is a project at which many of you are experts.  It would
> be
> much better for those of you that want data for me to keep working
> getting
> the cameras running and all the hardware working.  That is what I am
> good
> at.
> 
> Here is what I have:
> 
> Network #1, mostly linux machines but some Windoz machines that only
> partially work on the network. This network is connected to the
> internet
> through an Earthlink DSL modem.  All the machines can get to the
> internet
> and  the setup works well.  It has a dynamic IP which I check about
> once a
> day.
> 
> Network #2  a single Windoz XP machine, router/modem with 3 unused
> ports,
> SBC DSL, and 5 static IP addresses.  I can connect my Webcam to this
> network and it works.  If put on Network #1 I can control the camera
> but
> don't get pictures.
> 
> What I want to do:
> 
> Get one network running on the SBC DSL router/modem.  It would be
> nice to
> use one of the fixed IPs for the camera and to get all the computers
> set
> up so they could read from it.
> 
> This is a long term project for me.  It would probably be best if I
> just had one or two of you to help with a longer comittment level. 
> It
> appears that I can give you privelages on my networks so that one of
> you
> could ssh to my system and work.
> 
> I am making good progress on getting Rob's software running.  Last
> night I
> took a good sequence of images.  I would rather work on getting all
> this
> going than fussing with the network.  I can follow instructions on
> what to
> do but they have to be pretty specific.  I just downloaded, for
> example,
> MPlayer as a possible fix for the video problem.  But the README is
> really
> beyond me.
> 
> Tom Droege
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 

Chris Albertson
  Home:   310-376-1029  chrisalbertson90278@yahoo.com
  Cell:   310-990-7550
  Office: 310-336-5189  Christopher.J.Albertson@aero.org
  KG6OMK

__________________________________ 
Celebrate Yahoo!'s 10th Birthday! 
Yahoo! Netrospective: 100 Moments of the Web 
http://birthday.yahoo.com/netrospective/

Follow-Ups:
- Re: At Last
  - From: Peter Mount <petermount@gmail.com>
- Re: At Last
  - From: Fraser Farrell <fraser@trilobytes.com.au>

Prev by Date: Independent analysis of TASS MKIV data
Next by Date: Re: At Last
Prev by thread: Re: At Last
Next by thread: Re: At Last
Index(es):
- Date
- Thread