The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 ip addresses
Author: aaron 
Date:   16-12-01 08:41

Hi

I have a question regarding ip addresses.
I have a t1 line with a cisco router with 64 ips.

I was thinking about letting some of my clients put some of their boxes of my line with root access "with only one ip address per client box".

What would be a good way to limit ip addresses to curtain nics ? Basically so the client cannot start adding ips to rc.conf and taking more addresses then their supose to have, or trying to use ip addresses already in use.

Any help, would be very cool:)

Best Regards

Aaron

Reply To This Message
 
 Re: ip addresses
Author: Daniel Schrock 
Date:   16-12-01 23:31

If they own the box, then there is little you can do.
You could require each client to supply a router, split your block into smaller subnets, and then only route those subnets to each client.

Look at it this way. If you colocated a box in someone's datacenter, then started hijacking ips, how long do you think your box would stay in there?
If the client has something to lose, they aren't going to risk losing it. If the client has nothing to lose, they shouldn't be a client.

Reply To This Message
 
 Re: ip addresses
Author: aaron 
Date:   17-12-01 04:25


Thanks daniel for the great advise :)

I got another good question for you when you get a chance.

What would be the best way to monitor the bandwidth of one of my client boxes.

I will need to break it down to monitor how many "gigs" of band.. a client box uses in a month.

I know mrtg would be great for this, but don't know where to get any scripts to use with it.

Any suggestions ?

Best Regards

Aaron

Reply To This Message
 
 Re: ip addresses
Author: Ryan Masse 
Date:   19-12-01 18:50

Back to your first question; Daniel pretty much hit the nail on the spot. An alternative to his response would be to acquire a managed switch with has the capability to filter traffic, bind ports and bind IP addresses based on MAC addresses and/or ports. For example you give x client a 10/100 local connection to port 9 on the managed switch. You would then logon to the switch and configure the device to bind publicipaddy1 to port 9 etc. The Cisco Catalyst line of switches with the latest IOS have these capabilities.

Getting to your second question, there is a package called IPMeter which does a bang up job in graphing, accounting, and billing based on traffic usage. Itís a pain to get installed but once it is, it will surpass any tool on the market including MRTG (nothing against MRTG).

Ryan

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org