My home network consists of six computers:
- Thebe, my internet gateway running FreeBSD 6.1
- Metis, the ipfilter based firewall router running FreeBSD 6.1
- Europa, the DHCP, Samba, and master DNS server running Mandrake Linux 10.1
- Callisto, the mail server running FreeBSD 5.4
- Io, the slave DNS server and web server running FreeBSD 5.4
- Ganymede, a computer running Windows XP (just for games – really!)
- Leda, my laptop running Windows XP
The purpose of most of the machines shown in the diagram is self explanatory. Thebe, however, bears closer scrutiny. Thebe is listed as my internet gateway which is somewhat confusing. After all, the rest of my machines can talk to it only through the internet. This doesn’t seem to make much sense until you understand why it’s there. I have a typical residential internet connection with a dynamically assigned IP address. My ISP blocks port 25 for residential customers as one of their anti-spam measures which means I can’t send or receive email directly. Luckily, I have a friend with a business internet account and a pool of static IP addresses. Even better, he allows me to host a server at his house and to use one of his IPs. My domain, arda.homeunix.net, points to Thebe which is reachable on port 25 from the internet. Because my domain points at this machine, all web traffic directed to the Arda Network passes through it as well.
But Thebe does not actually run any services on it. My mail and web servers reside at my home. How does Thebe communicate with my other machines? Well, through a VPN of course. The VPN makes Thebe look like it’s a part of the local network as far as my other machines are concerned. Thebe is running ipfilter so all I have to do is forward ports 25 and 80 to my mail and web servers respectively and, voila, I have mail and web servers that appear to the world to have a single static IP. This is why I call Thebe my internet gateway.
One of these days I’ll write up a description of how my VPN works between Thebe and the rest of the Arda Network.