Re: Looking for program that emails me when dhcp addr changes
From: Larry Alkoff (nobody_at_nowhere.com)
Date: 05/18/05
- Previous message: Richard E. Silverman: "Re: Looking for program that emails me when dhcp addr changes"
- In reply to: Richard E. Silverman: "Re: Looking for program that emails me when dhcp addr changes"
- Next in thread: Sooner Al (MVP): "Re: Looking for program that emails me when dhcp addr changes"
- Reply: Sooner Al (MVP): "Re: Looking for program that emails me when dhcp addr changes"
Date: Wed, 18 May 2005 02:52:58 GMT
On 17 May 2005 22:25:51 -0400, "Richard E. Silverman" <res@qoxp.net>
wrote:
>
>>>>>> "LA" == Larry Alkoff <nobody@nowhere.com> writes:
>
> LA> Neither my ssh info nor man route mentions anything about how to ssh in
> LA> to a NATted machine.
>
>That's because you don't, not directly. This is the creeping, subversive
>horror of NAT -- a machine behind a PNAT gateway is not actually connected
>to the Internet, not in the way God intended. It has no globally
>meaningful IP address, and hence cannot be the explicit target of incoming
>traffic. Instead, it has a kind of shadowy half-existence, able to
>participate in TCP connections or UDP conversations it initiates but
>unable to reciprocate.
>
>The usual hack around this is to program your router to intercept TCP
>connections addressed to the router's address on certain ports, and
>"forward" (proxy) them to certain internal machines of your choice.
>
>The sheer ugliness of NAT is breathtaking. IP and packet-switching was
>designed to support a resilient network of peer hosts, all fully capable
>of providing services to one another. With pervasive NAT, most pairs of
>machines on the Net today are in fact *incapable* of talking directly to
>one another, because neither one has a real address! Instead,
>communication has to be mediated by mutual connection to some server --
>which turns the Internet back into the sort of brittle hierarchical thing
>it was originally designed to replace! And of course, also enforces a
>broadcast, push-only model of content distribution, helping turn the Net
>into just another kind of digital TV. More channels, but the same crap
>from the same corporations.
>
>It's painful. And every time the topic of IPv6 comes up in places like
>slashdot, you get a hundred idiots babbling on about how "the market has
>spoken" and we don't really need it, NAT has solved all the problems just
>fine. That's like believing that we don't need fusion, because putting
>air filters on the smokestacks of coal-burning power plants has solved the
>problem. It's a short-term stopgap with real downsides, not a solution.

Thank you, Richard, for a very interesting and informative explanation
of why my difficulty is happening.

It seems my only alternatives are either to attach a modem or work out
"the usual hack around".

I'm willing to restrict all incoming ssh connections to a single
machine since I can go anywhere on my LAN from there.

So I'm going to ask the floppyfw (single bootable floppy based router
/ iptables firewall) people how to modify it to forward all port 22
connections to my selected machine. That doesn't sound so hard.

Any other connections besides port 22 I need to address?

Thanks again,
Larry
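
The port-22 forward discussed in this message, as an added example that is not part of the original thread or floppyfw's own scripts: a POSIX shell function that prints, without applying, the iptables rules for sending inbound SSH on the gateway to one internal host. The interface name `eth0`, the address `192.168.1.10` and both function names are assumptions.

```shell
#!/bin/sh
# Added example: dry-run generator for an SSH port-forward on a NAT gateway.
# eth0 and 192.168.1.10 are constructed placeholder values.

# valid_ipv4 ADDR -> succeeds only for a dotted quad with octets 0-255
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# ssh_forward_rules EXT_IF INTERNAL_IP [PORT] -> prints three iptables commands
ssh_forward_rules() {
    ext_if=$1; host=$2; port=${3:-22}
    # Reject anything that could smuggle extra shell text into the printed rules.
    case "$ext_if" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $ext_if" >&2; return 1 ;;
    esac
    valid_ipv4 "$host" || { echo "bad internal address: $host" >&2; return 1; }
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }

    # Rewrite the destination of connections arriving on the outside interface.
    echo "iptables -t nat -A PREROUTING -i $ext_if -p tcp --dport $port -j DNAT --to-destination $host:$port"
    # Let the rewritten connection through FORWARD, to that one host and port only.
    echo "iptables -A FORWARD -i $ext_if -d $host -p tcp --dport $port -m state --state NEW,ESTABLISHED -j ACCEPT"
    # Allow only reply traffic from the SSH host back out.
    echo "iptables -A FORWARD -o $ext_if -s $host -p tcp --sport $port -m state --state ESTABLISHED -j ACCEPT"
}

# Dry run with the constructed values; review the output before running it as root.
ssh_forward_rules eth0 192.168.1.10
```

SSH runs over a single TCP connection, so this one port is all the forward needs; the rules assume the FORWARD chain otherwise drops by default.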