Sponsored Links

Interview Questions



INTERVIEW QUESTIONS OPERATING SYSTEMS IP MASQUERADING DETAILS

Question: How does IP Masquerade Work?

Answer: * If your machine is a stand-alone Linux host connected to the Internet
(setting up a firewall is a good idea though), or

* if you already have multiple assigned public addresses for your OTHER
machines, and

* if you don't like the idea of a 'free ride' using Linux and feel more
comfortable using expensive commercial tools to perform the exact same
functionalities.



-----------------------------------------------------------------------------

2.5. How does IP Masquerade Work?

Based from the original IP Masquerade FAQ by Ken Eves: Here is a drawing of
the most simplistic setup:
+---------------------------------------------------------------------------+
|PPP/ETH/etc. +------------+ +-------------+ |
|to ISP provider | Linux #1 | PPP/ETH/etc. | Anybox | |
| | | | | |
| <---------- modem1| |modem2 ----------- modem3| | |
| | | | | |
| 111.222.121.212 | | 192.168.0.100 | | |
| +------------+ +-------------+ |
+---------------------------------------------------------------------------+

In the above drawing, a Linux box with IP_MASQUERADING is installed as Linux
#1 and is connected to the Internet via PPP, Ethernet, etc. It has an
assigned public IP address of 111.222.121.212. It also has another network
interface (e.g. modem2) connected to allow incoming network traffic be it
from a PPP connection, Ethernet connection, etc.

The second system (which does not need to be Linux) connects into the Linux #
1 box and starts its network traffic to the Internet. This second machine
does NOT have a publicly assigned IP address from the Internet, so it uses an
[http://www.ietf.org/rfc/rfc1918.txt?number=1918] RFC1918 private address,
say 192.168.0.100. (see below for more info)

With IP Masquerade and the routing configured properly, this second machine
"Anybox" can interact with the Internet as if it was directly connected to
the Internet with a few small exceptions [noted later].

Quoting Pauline Middelink (the founder of Linux's IPMASQ):

"Do not forget to mention that the "ANYBOX" machine should have the Linux #1
box configured as its default gateway (whether it be the default route or
just a subnet is no matter). If the "ANYBOX" machine is connected via a PPP
or SLIP connection, the Linux #1 machine should be configured to support
proxy arp for all routed addresses. But, the setup and configuration of proxy
arp is beyond the scope of this document. Please see the [http://www.tldp.org
/HOWTO/PPP-HOWTO/index.html] PPP-HOWTO for more details."

The following is an excerpt on how IPMASQ briefly works though this will be
explained in more detail later. This short text is based from a previous post
on comp.os.linux.networking which has been edited to match the names used in
the above example:
+-------------------------------------------------------------------------------+
| o I tell machine ANYBOX that my PPP or Ethernet connected Linux box is its |
| gateway. |
| |
| o When a packet comes into the Linux box from ANYBOX, it will assign the |
| packet to a new TCP/IP source port number and insert its own IP address |
| inside the packet header, saving the originals. The MASQ server will |
| then send the modified packet over the PPP/ETH interface onto the |
| Internet. |
| |
| o When a packet returns from the Internet into the Linux box, Linux |
| examines if the port number is one of those ports that was assigned |
| above. If so, the MASQ server will then take the original port and |
| IP address, put them back in the returned packet header, and send |
| the packet to ANYBOX. |
| |
| o The host that sent the packet will never know the difference. |
+-------------------------------------------------------------------------------+

Another IP Masquerading Example:

A typical example is given in the diagram below:
+---------------------------------------------------------------------------+
| Ethernet |
| 192.168.0.x |
| +----------+ |
| | | |
| | A-box |:::::: |
| | |.2 : |
| +----------+ : |
| : +----------+ PPP/ETH |
| +----------+ : .1 | Linux | link |
| | | :::::::| Masq-Gate|:::::::::::::::::::>> Internet |
| | B-box |:::::: | | 111.222.121.212 |
| | |.3 : +----------+ |
| +----------+ : |
| : |
| +----------+ : |
| | | : |
| | C-box |:::::: |
| | |.4 |
| +----------+ |
| |
| |
| | | | > |
| | <-Internal Network--> | | <- External Network ----> > |
| | connected via an | | Connected from the > |
| | Ethernet hub or | | Linux server to your > |
| | switch | | Internet connection > |
+---------------------------------------------------------------------------+

In this example, there are (4) computer systems that we are concerned about.
There is also presumably something on the far right that your PPP/ETH
connection to the Internet comes through (modem server, DSL DSLAM, Cablemodem
router, etc.). Out on the Internet, there exists some remote host (very far
off to the right of the page) that you are interested in communicating with).
The Linux system named Masq-Gate is the IP Masquerading gateway for ALL
internal networked machines. In this example, the machines A-box, B-box, and
C-box would have to go through the Masq-Gate to reach the Internet. The
internal network uses one of several [http://www.cis.ohio-state.edu/cgi-bin/
rfc/rfc1918.html] RFC-1918 assigned private network addresses, where in this
case, would be the Class-C network 192.168.0.0. If you aren't familiar with
RFC1918, it is encouraged to read the first few chapters of the RFC but the
jist of it is that the TCP/IP addresses 10.0.0.0/8, 172.16-31.0.0/12, and
192.168.0.0/16 are reserved. When we say "reserved", we mean that anyone can
use these addresses as long as they aren't routed over the Internet. ISPs are
even allowed to use this private addressing space as long as they keep these
addresses within their own networks and NOT advertise them to other ISPs.
Unfortunately, this isn't always the case but thats beyond the scope of this
HOWTO.

Anyway, the Linux box in the diagram above has the TCP/IP address 192.168.0.1
while the other systems has the addresses:



* A-Box: 192.168.0.2

* B-Box: 192.168.0.3

* C-Box: 192.168.0.4




The three machines, A-box, B-box and C-box, can have any one of several
operating systems, just as long as they can speak TCP/IP. Some such as
Windows 95, Macintosh MacTCP or OpenTransport , or even another Linux box
have the ability to connect to other machines on the Internet. When running
the IP Masquerade, the masquerading system or MASQ-gate converts all of these
internal connections so that they appear to originate from the masq-gate
itself. MASQ then arranges so that the data coming back to a masqueraded
connection is relayed to the proper originating system. Therefore, the
systems on the internal network are only able to see a direct route to the
internet and are unaware that their data is being masqueraded. This is called
a "Transparent" connection.

NOTE: Please see Chapter 7 for more details on topics such as:



* The differences between NAT, MASQ, and Proxy servers.

* How packet firewalls work

Category IP Masquerading Interview Questions & Answers - Exam Mode / Learning Mode
Rating (0.2) By 9304 users
Added on 5/15/2014
Views 67732
Rate it!

Question: How does IP Masquerade Work?

Answer:

* If your machine is a stand-alone Linux host connected to the Internet
(setting up a firewall is a good idea though), or

* if you already have multiple assigned public addresses for your OTHER
machines, and

* if you don't like the idea of a 'free ride' using Linux and feel more
comfortable using expensive commercial tools to perform the exact same
functionalities.



-----------------------------------------------------------------------------

2.5. How does IP Masquerade Work?

Based from the original IP Masquerade FAQ by Ken Eves: Here is a drawing of
the most simplistic setup:
+---------------------------------------------------------------------------+
|PPP/ETH/etc. +------------+ +-------------+ |
|to ISP provider | Linux #1 | PPP/ETH/etc. | Anybox | |
| | | | | |
| <---------- modem1| |modem2 ----------- modem3| | |
| | | | | |
| 111.222.121.212 | | 192.168.0.100 | | |
| +------------+ +-------------+ |
+---------------------------------------------------------------------------+

In the above drawing, a Linux box with IP_MASQUERADING is installed as Linux
#1 and is connected to the Internet via PPP, Ethernet, etc. It has an
assigned public IP address of 111.222.121.212. It also has another network
interface (e.g. modem2) connected to allow incoming network traffic be it
from a PPP connection, Ethernet connection, etc.

The second system (which does not need to be Linux) connects into the Linux #
1 box and starts its network traffic to the Internet. This second machine
does NOT have a publicly assigned IP address from the Internet, so it uses an
[http://www.ietf.org/rfc/rfc1918.txt?number=1918] RFC1918 private address,
say 192.168.0.100. (see below for more info)

With IP Masquerade and the routing configured properly, this second machine
"Anybox" can interact with the Internet as if it was directly connected to
the Internet with a few small exceptions [noted later].

Quoting Pauline Middelink (the founder of Linux's IPMASQ):

"Do not forget to mention that the "ANYBOX" machine should have the Linux #1
box configured as its default gateway (whether it be the default route or
just a subnet is no matter). If the "ANYBOX" machine is connected via a PPP
or SLIP connection, the Linux #1 machine should be configured to support
proxy arp for all routed addresses. But, the setup and configuration of proxy
arp is beyond the scope of this document. Please see the [http://www.tldp.org
/HOWTO/PPP-HOWTO/index.html] PPP-HOWTO for more details."

The following is an excerpt on how IPMASQ briefly works though this will be
explained in more detail later. This short text is based from a previous post
on comp.os.linux.networking which has been edited to match the names used in
the above example:
+-------------------------------------------------------------------------------+
| o I tell machine ANYBOX that my PPP or Ethernet connected Linux box is its |
| gateway. |
| |
| o When a packet comes into the Linux box from ANYBOX, it will assign the |
| packet to a new TCP/IP source port number and insert its own IP address |
| inside the packet header, saving the originals. The MASQ server will |
| then send the modified packet over the PPP/ETH interface onto the |
| Internet. |
| |
| o When a packet returns from the Internet into the Linux box, Linux |
| examines if the port number is one of those ports that was assigned |
| above. If so, the MASQ server will then take the original port and |
| IP address, put them back in the returned packet header, and send |
| the packet to ANYBOX. |
| |
| o The host that sent the packet will never know the difference. |
+-------------------------------------------------------------------------------+

Another IP Masquerading Example:

A typical example is given in the diagram below:
+---------------------------------------------------------------------------+
| Ethernet |
| 192.168.0.x |
| +----------+ |
| | | |
| | A-box |:::::: |
| | |.2 : |
| +----------+ : |
| : +----------+ PPP/ETH |
| +----------+ : .1 | Linux | link |
| | | :::::::| Masq-Gate|:::::::::::::::::::>> Internet |
| | B-box |:::::: | | 111.222.121.212 |
| | |.3 : +----------+ |
| +----------+ : |
| : |
| +----------+ : |
| | | : |
| | C-box |:::::: |
| | |.4 |
| +----------+ |
| |
| |
| | | | > |
| | <-Internal Network--> | | <- External Network ----> > |
| | connected via an | | Connected from the > |
| | Ethernet hub or | | Linux server to your > |
| | switch | | Internet connection > |
+---------------------------------------------------------------------------+

In this example, there are (4) computer systems that we are concerned about.
There is also presumably something on the far right that your PPP/ETH
connection to the Internet comes through (modem server, DSL DSLAM, Cablemodem
router, etc.). Out on the Internet, there exists some remote host (very far
off to the right of the page) that you are interested in communicating with).
The Linux system named Masq-Gate is the IP Masquerading gateway for ALL
internal networked machines. In this example, the machines A-box, B-box, and
C-box would have to go through the Masq-Gate to reach the Internet. The
internal network uses one of several [http://www.cis.ohio-state.edu/cgi-bin/
rfc/rfc1918.html] RFC-1918 assigned private network addresses, where in this
case, would be the Class-C network 192.168.0.0. If you aren't familiar with
RFC1918, it is encouraged to read the first few chapters of the RFC but the
jist of it is that the TCP/IP addresses 10.0.0.0/8, 172.16-31.0.0/12, and
192.168.0.0/16 are reserved. When we say "reserved", we mean that anyone can
use these addresses as long as they aren't routed over the Internet. ISPs are
even allowed to use this private addressing space as long as they keep these
addresses within their own networks and NOT advertise them to other ISPs.
Unfortunately, this isn't always the case but thats beyond the scope of this
HOWTO.

Anyway, the Linux box in the diagram above has the TCP/IP address 192.168.0.1
while the other systems has the addresses:



* A-Box: 192.168.0.2

* B-Box: 192.168.0.3

* C-Box: 192.168.0.4




The three machines, A-box, B-box and C-box, can have any one of several
operating systems, just as long as they can speak TCP/IP. Some such as
Windows 95, Macintosh MacTCP or OpenTransport , or even another Linux box
have the ability to connect to other machines on the Internet. When running
the IP Masquerade, the masquerading system or MASQ-gate converts all of these
internal connections so that they appear to originate from the masq-gate
itself. MASQ then arranges so that the data coming back to a masqueraded
connection is relayed to the proper originating system. Therefore, the
systems on the internal network are only able to see a direct route to the
internet and are unaware that their data is being masqueraded. This is called
a "Transparent" connection.

NOTE: Please see Chapter 7 for more details on topics such as:



* The differences between NAT, MASQ, and Proxy servers.

* How packet firewalls work
Source: CoolInterview.com



If you have the better answer, then send it to us. We will display your answer after the approval.
Rules to Post Answers in CoolInterview.com:-
  • There should not be any Spelling Mistakes.
  • There should not be any Gramatical Errors.
  • Answers must not contain any bad words.
  • Answers should not be the repeat of same answer, already approved.
  • Answer should be complete in itself.
Name :*
Email Id :*
Answer :*
Verification Code Code Image - Please contact webmaster if you have problems seeing this image code Not readable? Load New Code
Process Verification Enter the above shown code: *
Inform me about updated answers to this question

Related Questions
View Answer
Who Doesn't Need IP Masquerade?
View Answer
Who Can Benefit From IP Masquerade?
View Answer
What is IP Masquerade?
View Answer

Please Note: We keep on updating better answers to this site. In case you are looking for Jobs, Pls Click Here Vyoms.com - Best Freshers & Experienced Jobs Website.

View All IP Masquerading Interview Questions & Answers - Exam Mode / Learning Mode



User Options
India News Network

Latest 20 Questions
Payment of time- barred debt is: (a) Valid (b) Void (c) Illegal (d) Voidable
Consideration is defined in the Indian Contract Act,1872 in: (a) Section 2(f) (b) Section 2(e) (c) Section 2(g) (d) Section 2(d)
Which of the following is not an exception to the rule, "No consideration, No contract": (a) Natural love and affection (b) Compensation for involuntary services (c) Completed gift (d) Agency
Consideration must move at the desire of: (a) The promisor (b) The promisee (c) The promisor or any other party (d) Both the promisor and the promisee
An offer which is open for acceptance over a period of time is: (a) Cross Offer (b) Counter Offer (c) Standing Offer (d) Implied Offer
Specific offer can be communicated to__________ (a) All the parties of contract (b) General public in universe (c) Specific person (d) None of the above
_________ amounts to rejection of the original offer. (a) Cross offer (b) Special offer (c) Standing offer (d) Counter offer
A advertises to sell his old car by advertising in a newspaper. This offer is caleed: (a) General Offer (b) Special Offer (c) Continuing Offer (d) None of the above
In case a counter offer is made, the original offer stands: (a) Rejected (b) Accepted automatically (c) Accepted subject to certain modifications and variations (d) None of the above
In case of unenforceable contract having some technical defect, parties (a) Can sue upon it (b) Cannot sue upon it (c) Should consider it to be illegal (d) None of the above
If entire specified goods is perished before entering into contract of sale, the contract is (a) Valid (b) Void (c) Voidable (d) Cancelled
______________ contracts are also caled contracts with executed consideration. (a) Unilateral (b) Completed (c) Bilateral (d) Executory
A offers B to supply books @ Rs 100 each but B accepts the same with condition of 10% discount. This is a case of (a) Counter Offer (b) Cross Offer (c) Specific Offer (d) General Offer
_____________ is a game of chance. (a) Conditional Contract (b) Contingent Contract (c) Wagering Contract (d) Quasi Contract
There is no binding contract in case of _______ as one's offer cannot be constructed as acceptance (a) Cross Offer (b) Standing Offer (c) Counter Offer (d) Special Offer
An offer is made with an intention to have negotiation from other party. This type of offer is: (a) Invitation to offer (b) Valid offer (c) Voidable (d) None of the above
When an offer is made to the world at large, it is ____________ offer. (a) Counter (b) Special (c) General (d) None of the above
Implied contract even if not in writing or express words is perfectly _______________ if all the conditions are satisfied:- (a) Void (b) Voidable (c) Valid (d) Illegal
A specific offer can be accepted by ___________. (a) Any person (b) Any friend to offeror (c) The person to whom it is made (d) Any friend of offeree
An agreement toput a fire on a person's car is a ______: (a) Legal (b) Voidable (c) Valid (d) Illegal



Fresher Jobs | Experienced Jobs | Government Jobs | Walkin Jobs | Company Profiles | Interview Questions | Placement Papers | Companies In India | Consultants In India | Colleges In India | Exams In India | Latest Results | Notifications In India | Call Centers In India | Training Institutes In India | Job Communities In India | Courses In India | Jobs by Keyskills | Jobs by Functional Areas

Testing Articles | Testing Books | Testing Certifications | Testing FAQs | Testing Downloads | Testing Interview Questions | Testing Jobs | Testing Training Institutes

Gate Articles | Gate Books | Gate Colleges | Gate Downloads | Gate Faqs | Gate Jobs | Gate News | Gate Sample Papers | Gate Training Institutes

MBA Articles | MBA Books | MBA Case Studies | MBA Business Schools | MBA Current Affairs | MBA Downloads | MBA Events | MBA Notifications | MBA FAQs | MBA Jobs
MBA Job Consultants | MBA News | MBA Results | MBA Courses | MBA Sample Papers | MBA Interview Questions | MBA Training Institutes

GRE Articles | GRE Books | GRE Colleges | GRE Downloads | GRE Events | GRE FAQs | GRE News | GRE Training Institutes | GRE Sample Papers

IAS Articles | IAS Books | IAS Current Affairs | IAS Downloads | IAS Events | IAS FAQs | IAS News | IAS Notifications | IAS UPSC Jobs | IAS Previous Question Papers
IAS Results | IAS Sample Papers | IAS Interview Questions | IAS Training Institutes | IAS Toppers Interview

SAP Articles | SAP Books | SAP Certifications | SAP Companies | SAP Study Materials | SAP Events | SAP FAQs | SAP Jobs | SAP Job Consultants
SAP Links | SAP News | SAP Sample Papers | SAP Interview Questions | SAP Training Institutes |




Copyright ©2003-2024 CoolInterview.com, All Rights Reserved.
Privacy Policy | Terms and Conditions