is it worth the trouble...

I have a question concerning the worth of IP Masqurading/NAT. Right now
I have 3 machines at home:

1. Win2k only
2. Win2k/Linux
3. Linux

I have a DSL line with three static IP addresses. I have a hub with the
uplink port connected to my DSL modem. Everything is working well, each
box handles security itself, each has it's own static IP.

I've been playing around with using my full-time linux box as a
Router/Proxy/Ad Blocker/Firewall box and placing my other boxes behind
it. I understand that alot of the time, a box like that is necessary
when there may be only one connection that needs to be shared, but would
using a Router/Proxy/Ad Blocker/Firewall box be worth it in my case? As
an alternative, I thought about keeping everything as is and just
installing a proxy/ad blocking program on my full-time linux box and adding
that to the proxy settings of my other boxes...

any thoughts from anyone?

If you don't share files or printers between your computers then there is probably no need for a seperate router/firewall. I think a seperate firewall adds an extra layer of security.

The only advantage I could see to using the Linux box as your Router/Proxy/Ad Blocker/Firewall box would be for administrative reasons.

Do you spend a lot of time trying to keep the software updated on the 3 separate machines? It seems like there's always patches to install.
Is the security software on the Windows boxes interfering with the function of the computer? My experience with some of it is that it's a real pain in the a$$.

If any of those 2 issues affect you, it could be easier to just set up the Linux box to handle it all and remove the security software from the mahines behind it.

If they are not a concern, then I'm with michaelk.

BTW, GO STEELERS!! It's too soon to panic.

Well, if you're paying for 2 extra IP addresses, having a NAT box will eliminate the need for the extra IP addresses. Set up NAT, get rid of the extra IP addys. and save some money. ;)

If you're running a server or two which don't like the ports to be forwarded, you may need the extra IP addys but most services run fine with proper portforwarding rules.

If you're running a website and want to manage your domain name all by yourself, you need 2 DNS servers. This pretty much means you need 2 IP public addresses. Of course, you can always use one of your ISP's DNS server(with their permission, of course) and just maintain 1 DNS server resulting in only needing 1 public IP address.

In most situations, 1 public IP address is fine.

Of course, if you like spending money, fell free to do what you wish.:D

Originally posted by The Whizzard
Well, if you're paying for 2 extra IP addresses, having a NAT box will eliminate the need for the extra IP addresses. Set up NAT, get rid of the extra IP addys. and save some money. ;)



Actually... I'm only paying for one! I joined my ISP in the midst of a price war with a competing ISP. I got one IP address for joining, one for switching from the other rival ISP, and one for refering my parents to sign up.... they've actually been very consistent - SDSL 540K/540K all the time...