[TriLUG] Dumb mgetty/pppd question

[David Rasch]

On Thu, Oct 28, 2004 at 01:57:32PM -0400, Brian Henning <brian at strutmasters.com> wrote:
> Hey Gang,
>  For my droid wanting outside access to the company financial files, I've 
> decided on direct dial-in access.  I figure that at least removes the 
> vulnerability of his unsecured machine becoming a big fat bridge between 
> our LAN and the internet at large.
>  So my dumb question is, presuming  I have mgetty and pppd correctly 
> configured, will his machine, once connected (using Windows DUN), behave as 
> if it were cabled directly into our network (albeit hideously slowly, of 
> course)?  He'll get an internal IP and be able to ping other internal hosts 
> just like he were in the building, right?  And thereby be able to map a 
> windows share across said link?
>  Otherwise, what am I leaving out?  That's the function we need--the 
> ability for his home computer (Win98) to map a share on a company server.

These helper addresses are doing what's called DHCP Relay.  

It works as follows:
1. Server on w.x.y.z/24 network gets a request, passes it to w.1.1.1
dhcp server via routing
2. Server w.1.1.1 sees that the request was picked up on submit
w.x.y.0/24 and looks for an address pool matching this subnet.  If you
have one defined, it will hand back an address to the relay server
3.  The w.x.y.z/24 network will in turn give the lease to the requesting
client, and the client doesn't know the difference.

For each "pool" you'll need to define the network, netmask, and the
default gateway.  Things like the name servers, etc. can be globally
specified.  

The DHCP server can only give out addresses on it's directly connected
interfaces unless a dhcp-relay is involved (also available from ISC).

David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.trilug.org/pipermail/trilug/attachments/20041028/4ccfcccc/attachment.pgp>