good cause: pls respond :-)

good cause: pls respond :-)

Post by Raster Mast » Sun, 19 Oct 1997 04:00:00



 Network advice sincerely requested:

 I have a good friend who is trying to save a very
 small business from disaster.  They are very low
 budget.  The owner passed away and the sysadmin
 who set things up created quite a tangled net, no
 pun intended.

 I'm a graphics guy with more than a nominal amount
 of net experience, but as with all trades, if you
 don't live it and breath it ...

 Anyway...

 System topology:
  unix server ppp dial-up (full time) to ISP  (we call mailhost here)
  server to LAN via 3com hub
  another server, different net address but same (we call workhost for here)
  physical connection via same hub

  10 pc's also on the hub

 The components of the tangle:
  1.  the prior sysadmin set up "mailhost" as the proxy server to http
      but the http server is on the sysadmin's private system
  2.  the company owns a block of ip addresses, so no dynamic assignments
      in the way
  3.  ISP is full service provder
  4.  "mailhost" is a POP server

  I know this is thin, but if there are no simple answers, if
  anyone lives in silicon valley, i could trade my services as
  a graphics engineer for networking services to help out my
  friend, or at least some healthy concise info would be helpful
  to solve the following:

  1.  Need to move the http service "somewhere".  The local
      "mailhost" is pretty slow and the sysadmin had some
      healthy CGI software.  Assume slow is ok for now, would
      it be best to move the http support to the "mailhost"
      or to the ISP ?  Since there is no local router, would
      this even be possible without complex software ?  I
      realize the firewall issues, but for the sake of first
      getting up and running, can this system be pop server,
      http server, ppp interface etc ?  What do i need ?
  2.  The other unix system ("workhost") isn't "seen" by "mailhost" but
      "mailhost" is ping-able from "workhost".  It seems like
      they should be immediately visible to each other if in
      the /etc/hosts file since they are on the same physical
      net.  As I mentioned before, their IP addresses are not
      on the same logical net.  I have no idea why the sysadmin
      who bailed out did such a thing.  Any clues where I should
      begin ?  My friend desparately needs to move files from
      one system to the other.

  my knowledge of networking is in programming the sockets layer
  and that's about it.  I've not found decent information on
  practical applications of gateways, routers on such a
  hybrid network.  The PC's use the "workhost" system as a file
  server and "mailhost" for general internet access.

  Lastly, "mailhost" provides ftp access to some of their
  customers, the number of which are diminishing as things
  fall apart.

  Is there a simpler topology to do all of these things and
  retain the ability to provide ftp service to customers,
  internet access for their pc's etc ?  Http provisions
  could be simplified, eg. eliminating CGI databases if
  need be, with emphasis on stablizing the network and
  maintenance so they can get back on their feet without
  being bled to death by the admin from hell....  :^/

  Please help if ya can, again I'm willing to barter
  services.  They are old pals.

  best regards,

 
 
 

good cause: pls respond :-)

Post by Scam » Wed, 22 Oct 1997 04:00:00


Oh, man, you're grasping at staws here.



Quote:> Anyway...

> System topology:
> unix server ppp dial-up (full time) to ISP  (we call mailhost here)
> server to LAN via 3com hub
> another server, different net address but same (we call workhost for
> here) physical connection via same hub

> 10 pc's also on the hub

> The components of the tangle:
> 1.  the prior sysadmin set up "mailhost" as the proxy server to http
> but the http server is on the sysadmin's private system

 > 2. the company owns a block of ip addresses, so no dynamic

Quote:> assignments in the way
> 3.  ISP is full service provder
> 4.  "mailhost" is a POP server

> I know this is thin, but if there are no simple answers, if
> anyone lives in silicon valley, i could trade my services as
> a graphics engineer for networking services to help out my
> friend, or at least some healthy concise info would be helpful
> to solve the following:

> 1.  Need to move the http service "somewhere".  The local
> "mailhost" is pretty slow and the sysadmin had some
> healthy CGI software.  Assume slow is ok for now, would
> it be best to move the http support to the "mailhost"
> or to the ISP ?  Since there is no local router, would
> this even be possible without complex software ?  I
> realize the firewall issues, but for the sake of first
> getting up and running, can this system be pop server,
> http server, ppp interface etc ?  What do i need ?

Who does your http server on the sysadmin box serve?  Internal or
external (or both).  Your proxy server is for (no doubt) external web
access.  Why don't you just put it on a 'new' box?

Quote:> 2.  The other unix system ("workhost") isn't "seen" by "mailhost" but
> "mailhost" is ping-able from "workhost".  It seems like
> they should be immediately visible to each other if in
> the /etc/hosts file since they are on the same physical
> net.  As I mentioned before, their IP addresses are not
> on the same logical net.  I have no idea why the sysadmin
> who bailed out did such a thing. Any clues where I should
> begin ?  My friend desparately needs to move files from
> one system to the other.

Most likely, your 'mailhost' is a firwall, and won't let anyone from
that side of the network get to your private, probably mission critical
stuff on your workstation.  This is why it is on a different subnet.
This is a good thing, so don't try to change it! If you can ping the
mailhost from the workstation, can't you telnet, or ftp to it as well?

--

(remove NOSPAM to reply)
10/20/97 23:07

 
 
 

good cause: pls respond :-)

Post by Frankie K.T. C » Sat, 25 Oct 1997 04:00:00


[This followup was posted to comp.os.linux.networking and a copy was sent
to the cited author.]


says...

Quote:>  Network advice sincerely requested:

>  I have a good friend who is trying to save a very
>  small business from disaster.  They are very low
>  budget.  The owner passed away and the sysadmin
>  who set things up created quite a tangled net, no
>  pun intended.

I was in a similar situation: the sysadm kinda evaporated, together with
the ISP, who's a pal of this sysadm. The potential client had a block of
real IP addresses. They didn't provide any http/ftp services to the
outside world thou.

Quote:>  Anyway...

>  System topology:
>   unix server ppp dial-up (full time) to ISP  (we call mailhost here)
>   server to LAN via 3com hub
>   another server, different net address but same (we call workhost for here)
>   physical connection via same hub

This is probably the right setup. The internal machines are on a seperate
subnet so packets destinated locally don't go out to the ISP.

Quote:>   10 pc's also on the hub

>  The components of the tangle:
>   1.  the prior sysadmin set up "mailhost" as the proxy server to http
>       but the http server is on the sysadmin's private system
>   2.  the company owns a block of ip addresses, so no dynamic assignments
>       in the way
>   3.  ISP is full service provder
>   4.  "mailhost" is a POP server

>   I know this is thin, but if there are no simple answers, if
>   anyone lives in silicon valley, i could trade my services as
>   a graphics engineer for networking services to help out my
>   friend, or at least some healthy concise info would be helpful
>   to solve the following:

>   1.  Need to move the http service "somewhere".  The local
>       "mailhost" is pretty slow and the sysadmin had some
>       healthy CGI software.  Assume slow is ok for now, would
>       it be best to move the http support to the "mailhost"
>       or to the ISP ?  Since there is no local router, would
>       this even be possible without complex software ?  I
>       realize the firewall issues, but for the sake of first
>       getting up and running, can this system be pop server,
>       http server, ppp interface etc ?  What do i need ?
>   2.  The other unix system ("workhost") isn't "seen" by "mailhost" but
>       "mailhost" is ping-able from "workhost".  It seems like
>       they should be immediately visible to each other if in
>       the /etc/hosts file since they are on the same physical
>       net.  As I mentioned before, their IP addresses are not
>       on the same logical net.  I have no idea why the sysadmin
>       who bailed out did such a thing.  Any clues where I should
>       begin ?  My friend desparately needs to move files from
>       one system to the other.

Funny... if mailhost can see workhost, workhost should be able to see
mailhost. Be aware that mailhost actually has TWO IP interfaces, i.e. TWO
IP addresses (one for the ppp interface and one for the ethernet). The
addresses for the two interfaces should be on different subnets. Please
check whether this is right.

Quote:>   my knowledge of networking is in programming the sockets layer
>   and that's about it.  I've not found decent information on
>   practical applications of gateways, routers on such a
>   hybrid network.  The PC's use the "workhost" system as a file
>   server and "mailhost" for general internet access.

mailhost is actually acting as a router.

Quote:>   Lastly, "mailhost" provides ftp access to some of their
>   customers, the number of which are diminishing as things
>   fall apart.

>   Is there a simpler topology to do all of these things and
>   retain the ability to provide ftp service to customers,
>   internet access for their pc's etc ?  Http provisions
>   could be simplified, eg. eliminating CGI databases if
>   need be, with emphasis on stablizing the network and
>   maintenance so they can get back on their feet without
>   being bled to death by the admin from hell....  :^/

To move http and ftp off the workhost and mailhost, with minimum impact
on your network (in the sense of changing config.) the thing I would do
is to move the http and ftp servers to the ISP's servers. All you'd need
to do is to get your ISP to set it up for you, which isn't particularly
complicated:-
1. setup DNS, so ftp.yourhostname.com and http.yourhostname.com point to
the right server(s);
2. setup virtual ftp server and virtual http server on the ISP's
machine(s);
3. move the files over.

Mail on your net is not touched, and all the workstations would still be
able to access the net.

Then you consider putting a firewall in, etc.

OTOH, if I were in the same situation as you, being particularly
interested in networking and experience in setting up Linux and IP
Masquerade, I'd probably do it this way:-
1. Try to preserve the email arrangement on mailhost, running the latest
version of sendmail and pop server. If I had time, I would try installing
and setting up qmail;
2. Setup a DNS server on mailhost;
3. Setup IP Masquerade on mailhost;
4. Setup a bootp/whatever server on mailhost, giving out private IP
addresses for workhost and the PCs; or use /etc/hosts file instead;
5. Run redir on mailhost to redirect http requests to http server on
workhost;
6. Setup ftp server on mailhost.

That's about all I can think of right now... This is more secure than
your old setup.

Get that O'Reilly book "Getting Connected: The Internet at 56K and Up" by
Kevin Dowd. Well explained in there for reorganizing your network.

Good luck.

Cheers,
Frank.
--
a?? - ????-???
ASCII and BIG5 Readable...
Remove ".WEBMASTER" from email address when replying.
ICQ: 1214488

 
 
 

1. pls respond

I have my certification for Solaris 8 admin 1 - i realize I cant write the
upgrade exam as I dont have admin 2 for solaris 8 - in your guys minds
should i continue to write solaris 8 admin 2 then write the upgrade for 9 or
just start writing solaris 9 admin 1 from scratch .

2. no route to host

3. test only - pls do not respond

4. Netscape won't run

5. Starting X causes the system to stop responding

6. Mounting Remote Linux File System

7. The good, the bad & the ugly (or VM, block devices, and SCSI :-)

8. linux on 23gb drive

9. I tried LINUX :-) :-)

10. scsi errors - pls help find hardware or software cause?

11. InfoExplorer works under X11R5 now :-) :-)

12. Good 2 be here :-)

13. Pls help: crossed twisted pair to PCMCIA causes linux to lock up