[BC] Lost in IT land ( HELP !! )

Cowboy curt at cwf1.com
Sun Jun 17 07:37:32 CDT 2012


On Saturday 16 June 2012 09:41:29 pm donroden at hiwaay.net wrote:
> Quoting Cowboy <curt at cwf1.com>:
> >  Conflicts !
> >  About all of them are "well known" and already defined.
> > Cowboy
> 
> Not well known to me, but I'll go with that answer.

 Perhaps not, but IANA, the same people who keep track of
 who has what registered IP, also keep track of registered ports,
 who registered them, for what purpose, and when.
 Ports 0 through 49151 are registered for specific purposes.
 See
 http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt

 This does not mean that you can't reallocate a port for your own purposes,
 especially on your side of the router, just that the "well known" use for that
 particular port is already established.

 That's how browsers know to send their requests to port 80, and web servers
 know to listen for requests on port 80.
 It doesn't have to be 80, but that's the "well known" established standard.

> Now back to one of the original questions :
> 
> ISP assigns the station a fixed outside / public IP address for the SAGE.
> 
> Now, what do I need to do on my end to make the SAGE know someone is  
> knocking on the door ?

 OK.
 If the ISP has assigned a public IP that you plan to use exclusively for
 your sage unit, then the easiest thing will be to assign your sage
 as a "DMZ machine" in your router.
 That way, any and every incoming request for that IP will be routed
 to your sage unit on its internal ( private ) IP assignment.

 DMZ is an older definition that basically means to bypass the firewall
 for this particular machine only, in both directions.
 No port translation is done. All incoming requests are routed directly
 to that machine, and no outgoing request is touched at all, except
 for the NAT function.

 If your router does not do DMZ, then you'll need to set up routing
 in the router, sometimes called port forwarding.

 Basically, the incoming ports you wish to allow need to be defined
 in the router as to where requests for that port are routed.
 In your case, *all* requests for the sage public IP route to the sage private IP.

 If your firewall blocks outgoing port requests, you'll need to unblock
 reply ports. Otherwise, you don't need to worry about that at all.
 Probably, you don't. Blocking outgoing requests is not common, and
 adds a great deal of complexity to firewall configurations.

 You don't really *need* a dedicated public IP for your sage, but it
 does make things easier, and also much less secure as the sage
 is accessible to the general public.

-- 
Cowboy
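
The difference between the "DMZ machine" and port-forwarding setups described above, written as an added example for a Linux router running nftables (not part of the original post, and not the configuration of any particular router). Interface names, addresses, the port number and the allowed source network are placeholders; the post does not say which ports the SAGE uses.

```nftables
#!/usr/sbin/nft -f
# Constructed example: every name, address and port below is a placeholder.
define wan_if    = "eth0"            # interface facing the ISP (assumed)
define lan_if    = "eth1"            # interface facing the station LAN (assumed)
define pub_ip    = 203.0.113.10      # the fixed public IP (documentation range)
define sage_ip   = 192.168.1.50      # the SAGE's private IP (assumed)
define sage_port = 8080              # hypothetical service port, not from the post
define mgmt_net  = 198.51.100.0/24   # hypothetical remote hosts allowed to connect

table ip nat {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;

        # "DMZ machine" equivalent: every port and protocol arriving for the
        # public IP is handed to the SAGE. Left commented out for comparison.
        # iifname $wan_if ip daddr $pub_ip dnat to $sage_ip

        # Port forwarding: only the one TCP port is translated to the SAGE.
        iifname $wan_if ip daddr $pub_ip tcp dport $sage_port dnat to $sage_ip
    }
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        # Ordinary outbound NAT for the LAN.
        oifname $wan_if masquerade
    }
}

table ip filter {
    chain forward {
        type filter hook forward priority filter; policy drop;

        # Replies to connections already allowed need no separate "reply port" rules.
        ct state established,related accept

        # Outgoing requests from the LAN are not blocked.
        iifname $lan_if oifname $wan_if accept

        # After DNAT the destination is the private IP; admit only new
        # connections to the forwarded port from the allowed source network.
        iifname $wan_if ip saddr $mgmt_net ip daddr $sage_ip tcp dport $sage_port ct state new accept
    }
}
```

With the DMZ-style rule enabled instead, the forward chain would also have to accept every port for the SAGE's address, which is what makes that setup reachable by the general public.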


