Depends on what version of SCO's Unix your 'SCO machine' (?) is running
under.
Tony
--
************* THE NEW DIMENSION IN DISTRIBUTION ***********
ilion Faculty B.V.
Tony Earnshaw email: to...@ilion.nl
Randstad 21-57
1314 BH Almere-Stad tel: +31 (0) 36 548 50 10
The Netherlands fax: +31 (0) 36 534 05 34
***************** http://www.ilion.nl *********************
That said, you can do everything you mentioned, except I think the
DHCP server. I'm pretty sure you'll have to go with static IPs for
your Win98 machines. You'll also need a proxy server (SCO OSR doesn't
provide one, maybe Unixware does), but you can use the free Apache
server available from Skunkware (on www.sco.com) to do this.
HTH,
Scott
Larry McFarlane wrote in message ...
Scott Roberts wrote in message <7jjj2d$mi1$1...@ionews.ionet.net>...
Now, NAT is built into Linux, but it can be tricky to set up. I don't recall
if there is a free version for SCO, but you may want to look into it. Good
luck! I hope you have some success!
Chris Martin
Larry McFarlane <mcfa...@tconl.com> wrote in message
news:fIh73.369$N3.3...@news.uswest.net...
>I have a cable modem connection. However, my provider's cable modem only
>allows 1 IP per modem. What I'm hoping to do is connect all 3 of my
>computers to a SCO machine. The other PCs are Win98. I would like the Sco
>Machine to be the router/gateway to the internet, DHCP server for my win98
>machines , and a PPP server for remote access. I'm somewhat familiar with
>TCP but the other stuff is unknown territory. Is this realistic or am I
>duh - reaming?
I didn't know that SCO made "machines". Last time I checked, SCO made
operating systems. Try:
uname -X | grep "release"
for the exact version of what you're running.
What you're looking for is called NAT (Network Address Translation) or
more correctly, PAT (Port Address Translation). SCO does not believe in
NAT or PAT (as I bitched and moaned a several SCO Forum's) and has
decided that IPv6 will solve all such problems. Right. Meanwhile, your
choices with OSR5 is to either use a proxy server such as the recently
discontinued Netscape proxy server, or the Skunkware Squid cache proxy.
There are others. However, this is overkill for a relatively simple
problem. If you're going to use your unspecified version of OSR5 as a
router, you might as well try to use it as a firewall. See tcp wrappers
in Skunkware for details.
I've been using dedicated ethernet routers for NAT, DHCP and firewalls.
This weeks favorite is by SonicWall by Sonic Systems:
http://www.sonicsys.com/
For references on NAT and connection sharing see:
http://www.uq.edu.au/~gadmacka/the-nat-page/index.html
http://www.timhiggins.com/ppd/sharing.htm
Incidentally, Doom uses port 666 and Quake uses port 26000. If you setup
a proxy server for Quake and Doom, you'll need to know these numbers. If
you're going to play firewall, then see:
http://www.chebucto.ns.ca/~rakerman/port-table.html
http://users.nais.com/~nevo/masq/
for games and applications configurations required to operate through a
firewall.
--
Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
(831)421-6491 pgr (831)426-1240 fax (831)336-2558 home
http://www.cruzio.com/~jeffl WB6SSY
je...@comix.santa-cruz.ca.us je...@cruzio.com
> I have OS5 Enterprise, but was hoping I could use OS5 more like a router
> (What turned me onto this was
> the advanced option under OS5's and UnixWare's TCP/IP advanced where you
> could select the Gateway/Router option). The motivation
> behind this is to play quake on any of the other machines, as well. heheh.
> The net proxies solve everything but this...
You still haven't said WHAT version of OS5. Only 5.0.5 has a DHCP
server. Anyway, if you only have 3 Windows clients, what on earth is the
point of using a DHCP server? Just give them fixed IP numbers.
What we do is the following:
The internal network is numbered according to the RFC1918 private class
C convention, in our case 192.168.100.0 with a 24-bit subnet mask, i.e.
255.255.255.0. These numbers can not be routed on the Internet. However,
all (45+) of the Windows-based internal machines can use just about any
services on the Internet they want, either TCP or UDP based. These
include RealAudio, AOL Buddy, FTP, web browsing, usenet and other
similar services. All of the IP numbers, apart from roaming laptops, use
fixed IP numbers - the laptops get their IP numbers from a UnixWare DHCP
server. How do they get their Internet connection?
They use a single SCO OS 5.0.x gateway. This has two NICs, one on the
internal net and one on the Internet. It uses NEC's socks5 proxy,
compiled to support threaded mode (light weight processes) to minimize
use of resources (CPU and memory). It translates requests from the IP
number of each client to the IP number of the Internet NIC and back
again for incoming packets. This is variously known as NAT and IP
Masquerading. It'll give you what you want, most probably, including
Quake.
The SCO OS 5.0.x machine also runs very effective packet-filtering
firewall software, whereby only the ports that are necessary for these
sevices are opened.
NEC's socks5 proxy has to be obtained as source code from NEC's site,
and you'll have to compile it and configure it yourself to suit your own
needs. No socks4 proxy servers support UDP connections, there are other
socks5 servers than NEC's that support a full range of UDP services
(e.g. the Norwegian Dante). NEC also supplies a commercial version of
its socks5 server, but you probably won't want to pay for it.
The vast majority of protocols will work fine with NAT, however a few
include IP addresses within the data section of the packets, where the
router can't touch it, meaning that these don't work. They're a tiny
minority, however.
> Now, NAT is built into Linux, but it can be tricky to set up. I don't recall
> if there is a free version for SCO, but you may want to look into it. Good
> luck! I hope you have some success!
So does FreeBSD. If you have a spare (386+) machine to hand and want a simple
to use system, see:
http://www.mischler.com/iproute
http://www.linuxrouter.org
--
Andrew Smallshaw
smal...@cs.man.ac.uk
>What you're looking for is called NAT (Network Address Translation)
>or more correctly, PAT (Port Address Translation). SCO does not
>believe in NAT or PAT (as I bitched and moaned a several SCO
>Forum's) and has decided that IPv6 will solve all such problems.
>Right.
That attitude is suprising. It would seem to fit in the vaporware
category and is little help to those who need it. And it is needed
as show by the plelthor of HW switch vendors doing this.
Being able to map 256 addressed (even if someone screwed up and
used legal addresses) to 256 ports on a legal IP makes the
headaches such as renumbering entire networks an simple problem.
Do you have any idea why they are not implementing an alternate
solution until their preferences become viable? Things like that
can cause customers to stray.
--
Bill Vermillion bv @ wjv.com
I'm not sure this is necessary. The SCO box can act as a router,
with an "external" NIC configured with the legitimate address which
will talk to the cable modem, and an "internal" NIC configured with
one of the non-routable net addresses (10.*, 172.*, ...). All Win95
machines can live on the internal net, and talk to the internet by
defining the SCO box as their default gateway.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
As Tony Lawrence <to...@aplawrence.com> pointed out via email,
I'm mistaken. We currently use a similar network scheme to what
I described, but our firewall proxies for us. Before that we had
some PCs with direct net access, and I mistakenly thought they had
non-routable addresses which were hidden behind the router.
No, they can't.
Or, more accurately, they can talk all they want, but nobody
can talk back to them, so that effectively eliminates any
conversation.
You need NAT, a proxy, or legitimate addresses.
--
Tony Lawrence (to...@aplawrence.com)
SCO articles, help, book reviews, tests,
job listings and more : http://www.aplawrence.com
Tony Earnshaw wrote in message <375E2645...@ilion.nl>...
>Do you have any idea why they are not implementing an alternate
>solution until their preferences become viable? Things like that
>can cause customers to stray.
I'm not sure how much of the SCO internal politics I should splatter all
over the newsgroup. Probably none. I don't have a clear picture of why
SCO blew it on NAT. I'm also not the one who should be expounding on
such things. Better it should come from SCO.
I don't think there was any kind of conspiracy. SCO is driven by request
(and demands) from its larger corporate customers. If they did not want
NAT (or PAT), or favoured IPv6 instead, or didn't consider NAT a
priority, then it probably just fell off the schedule.
IPv6 implimentation has been delayed by the widespread use of NAT and
PAT. However, recycled IPv4 addresses can't last forever. I've watched
the cable TV set-top box biz argue the point endlessly. The projected
number of full time set-top box and xDSL connections are certain to soon
deplete the available IP addresses making IPv6 a requirement. Now that
Microsloth has bought $5billion in AT&T bonds, AT&T will armtwist
TCI@Home into armtwisting General Instrument into dumping Java and using
Windoze CE on their set-top boxes. Therefore, however Windoze CE does it
(IPv4 vs IPv6), so will the rest of the industry. IPv6 was not a bad bet
at the time, but implimentation may be somewhat delayed.
The original grand plan was to sell OSR5 as an internet server. However,
IFS (Internet Fast Start) did not do so well thus de-emphasizing
requirements normally found in ISP's. There are vendors that configure
and sell OSR5 for ISP service, but they do it by replacing just about
everything exept the core OS and basic networking. That leaves OSR5
positioned as a "conventional" corporate file server which is normally
protected by a dedicated firewall that usually includes NAT and DHCP
services. For really big lans, dual firewalls with a DMZ are common.
Since SCO sells into such installations, I guess those paying the bills
decided that they did not want the SCO box providing the NAT function, or
for that matter, any security functions, and to just act like a high
reliability file server.
Such omissions as NAT are barely noticeable in large installations. They
buy the latest Cisco boxes and build byzantine network topologies without
much concern for the incrimental cost of adding NAT. However, it's
almost fatal for small systems connected to the internet. Instead of a
simple bridge and having the SCO OSR5 box do all the work, I get to buy a
duz-it-all bridge/router/firewall/DHCP/NAT/VPN/etc router box. The
difference is only a few hundred dollars but that's enough to kill a
sale. My competitor can come in with a Linux box that does it all
internally and drastically underbid my best price. Fortunately, my
current customer base is willing to pay extra for a known reliable
solution but such customers appear to be rare.
Drivel: The current issue of Performance Computing magazine has several
pages of glowing praise for UW 7.1 and Webtop from Tom Yeager. This is
especially impressive as Tom Yeager is a Solaris fan.
>I don't think there was any kind of conspiracy. SCO is driven by request
>(and demands) from its larger corporate customers. If they did not want
>NAT (or PAT), or favoured IPv6 instead, or didn't consider NAT a
>priority, then it probably just fell off the schedule.
I got some email asking what the [deleted expletive] is PAT and what is
the difference between NAT and PAT. Apparently, everyone tends to use
NAT to refer to both NAT and PAT. They're different.
NAT gives a 1:1 IP address translation between a block of ISP assigned
routeable addresses on the internet, to corresponding internal
non-routeable IP addresses. For example:
Internet Local Workstations
165.227.10.1 -> 192.168.0.1
165.227.10.2 -> 192.168.0.2
165.227.10.3 -> 192.168.0.3
165.227.10.4 -> 192.168.0.4
Since the mapping is 1:1, you need one routeable address for each
workstation connected to the internet or DHCP to dispense IP addresses as
required. If your ISP hands you a block of 8ea IP addresses, you lose
one to router and one to the broadcast address leaving 6ea available for
connections. If you use NAT, you get 6ea workstations and no more.
PAT uses only one routeable IP address and does the translation by
juggling port numbers. For example:
165.227.10.3:5000 -> 192.168.0.1
165.227.10.3:5001 -> 192.168.0.2
165.227.10.3:5002 -> 192.168.0.3
165.227.10.3:5003 -> 192.168.0.4
Actually, the port number sequence is more complex than the above
example. See:
http://www.cisco.com/warp/public/732/nat/
http://www.cisco.com/warp/public/701/60.html
http://www.rfc-editor.org/rfc/rfc1631.txt
for some details. PAT can do something like 4000 translations.
NAT won't do much good on a small system that has only a one IP address
dialup connection. They need PAT.
> I don't think there was any kind of conspiracy. SCO is driven by request
> (and demands) from its larger corporate customers.
Of course they are. All good companies are, and that's what
kills them: see
http://www.aplawrence.com/Books/innovdil.html
> Such omissions as NAT are barely noticeable in large installations.
Right. So SCO management listens to what it's best
customers tell them, and ignores the squawking from the
peanut gallery.
> My competitor can come in with a Linux box that does it all
> internally and drastically underbid my best price.
And yet SCO seems nearly oblivious to the mice that are
nibbling at their toes. Everything is great, sales are up,
life is rosy. Let's go kill another woolly mammoth and not
worry about these damn mice..
Listening to big customers is the surest course to
disaster. Big customers don't innovate; big customers do
everything they can to keep on doing what they have always
done.
Worse than that, big customers are woolly mammoths. One of
the benefits of the computer revolution is that little guys
can now make a startup with very little capital: little
bands of people and even individuals can now do things that
only giant moneybags used to be able to do. That's
happening in almost every industry, from making movies
(digital movie cameras are now dirt cheap- and dirt poor
people are starting to make films) to books (on demand
publishing and electronic books aren't there yet, but they
will be) to whatever- the barriers to entry are crumbling.
You had better believe that Linux is a part of that, too:
$1,000.00 for an OS can be too much money for a startup- and
when that $1,000.00 OS is crammed with features little folk
don't need, and is missing what they do need.. well, it's
pretty obvious, isn't it?
Somebody needs a wakeup call :-)
>On Wed, 9 Jun 1999 13:15:51 GMT, bi...@wjv.com.REMOVEME (Bill
>Vermillion) wrote:
>>Do you have any idea why they are not implementing an alternate
>>solution until their preferences become viable? Things like that
>>can cause customers to stray.
>I'm not sure how much of the SCO internal politics I should
>splatter all over the newsgroup. Probably none. I don't have a
>clear picture of why SCO blew it on NAT. I'm also not the one who
>should be expounding on such things. Better it should come from
>SCO.
Well of course if you know the internal politics involved, then
definately you should not commentr?
>I don't think there was any kind of conspiracy. SCO is driven
>by request (and demands) from its larger corporate customers.
>If they did not want NAT (or PAT), or favoured IPv6 instead, or
>didn't consider NAT a priority, then it probably just fell off the
>schedule.
I'm not of the 'conspiracy theory' school. Often that which is
attributed to consiparcy is just overlooking something or having a
wrong or uninformed view of the market.
>IPv6 implimentation has been delayed by the widespread use of NAT
>and PAT. However, recycled IPv4 addresses can't last forever. I've
>watched the cable TV set-top box biz argue the point endlessly.
I seem to recall that one of the majors in that arena just acquired
a "A" block from someone. I just locally and found that one
company, (a division of a larger company which owns a full class A,
16million addresses,) has 6 class B's - about 400,000 address, at
one of their local offices, and the other local address (same
company with a different location) also has 1 B. That appears to
me as a lot of wastage.
>The projected number of full time set-top box and xDSL connections
>are certain to soon deplete the available IP addresses making
>IPv6 a requirement.
In a recent article one of the class A holders - Mercedes/Benz
now the Daimler & Chrysler people - are using on a subset of their
owned range, but aren't going to give it up because to quote
(approximatedly) one executive, "we want every automobile to have
an IP address"
>Therefore, however Windoze CE does it (IPv4 vs IPv6), so
>will the rest of the industry. IPv6 was not a bad bet at the time,
>but implimentation may be somewhat delayed.
If it gets delayed too long it will make Y2K problems seem minor.
>The original grand plan was to sell OSR5 as an internet server.
>However, IFS (Internet Fast Start) did not do so well thus
>de-emphasizing requirements normally found in ISP's.
A friend of mine whom I'd consider as a Guru's Guru once remarked
that he'd never put an SCO system or an SGI system on the internet.
>Such omissions as NAT are barely noticeable in large installations.
>They buy the latest Cisco boxes and build byzantine network
>topologies without much concern for the incrimental cost of adding
>NAT.
Even Cisco has NAT.
>However, it's almost fatal for small systems connected to
>the internet. Instead of a simple bridge and having the
>SCO OSR5 box do all the work, I get to buy a duz-it-all
>bridge/router/firewall/DHCP/NAT/VPN/etc router box. The difference
>is only a few hundred dollars but that's enough to kill a sale. My
>competitor can come in with a Linux box that does it all internally
>and drastically underbid my best price. Fortunately, my current
>customer base is willing to pay extra for a known reliable solution
>but such customers appear to be rare.
Yup - there are several plug'n'play internet boxes. Some use
Linux, and Whistle's Interjet uses FreeBSD. IBM bought Whistle
yesterday.
>Drivel: The current issue of Performance Computing magazine has
>several pages of glowing praise for UW 7.1 and Webtop from Tom
>Yeager. This is especially impressive as Tom Yeager is a Solaris
>fan.
Even in the days when Novell owned it UW was a fairly efficient OS.
SCO started with a decent - but ugly looking IMO - base.
>On Wed, 09 Jun 1999 23:50:58 GMT, je...@comix.santa-cruz.ca.us
>(Jeff Liebermann) wrote:
>>I don't think there was any kind of conspiracy. .... If they
>>did not want NAT (or PAT), ....
>I got some email asking what the [deleted expletive] is PAT and what is
>the difference between NAT and PAT. Apparently, everyone tends to use
>NAT to refer to both NAT and PAT. They're different.
>NAT gives a 1:1 IP address translation between a block of ISP assigned
>routeable addresses on the internet, ...
>Since the mapping is 1:1, you need one routeable address for each
>workstation connected to the internet or DHCP to dispense IP addresses as
>required. ...
>PAT uses only one routeable IP address and does the translation by
>juggling port numbers. For example:
> 165.227.10.3:5000 -> 192.168.0.1
> 165.227.10.3:5001 -> 192.168.0.2
> 165.227.10.3:5002 -> 192.168.0.3
> 165.227.10.3:5003 -> 192.168.0.4
>Actually, the port number sequence is more complex than the above
>example. See:
> http://www.cisco.com/warp/public/732/nat/
> http://www.cisco.com/warp/public/701/60.html
> http://www.rfc-editor.org/rfc/rfc1631.txt
>for some details. PAT can do something like 4000 translations.
If someone is interested in PAT they should perhaps also checkout the
Xylan switches with use PAT, along with firewalling to be able to
isolate interal computers completely from others. It's not cheap.
But it is an effective way to distrbute non-routeable addresses to
one (or a few) routable address.
It will also translate from routeable address which are legally
owned by another organization - caused by someone picking an
address at random during the initial setup - into their
own/assigned routable address. I got a bit lost in the low level
details when an SE was stepping me through. Information overload.
>Jeff Liebermann wrote:
>
>> I don't think there was any kind of conspiracy. SCO is driven by
>> request (and demands) from its larger corporate customers.
>Of course they are. All good companies are, and that's what
>kills them: see
>http://www.aplawrence.com/Books/innovdil.html
>> Such omissions as NAT are barely noticeable in large installations.
>Right. So SCO management listens to what it's best
>customers tell them, and ignores the squawking from the
>peanut gallery.
They seem to forget the old saw "don't put all your eggs in one
basket". Losing 1 or 2 major account could cost SCO more than
losing hundreds of smaller account.
It's a business decision - and in the past few years most of the
largest companies in the world have changed their focus.
GE abandoned the retail/consumer market, and concentrated on the
large items, locomotives, jet engines, ... While others have
moved to a consumer target.
You just can't be all things to all people and survive in this
world. One notable exception is Sony - with items from under $5
at your local store to the $500,000 range. Most other have focused
on narrower markets.
>And yet SCO seems nearly oblivious to the mice that are
>nibbling at their toes. Everything is great, sales are up,
>life is rosy. Let's go kill another woolly mammoth and not
>worry about these damn mice..
And one woolly mammoth can feed a lot of mice. Sounds like
a Gulliver's Travels tale.
>> In article <3761155f...@news.ricochet.net>,
>> I'm not sure this is necessary. The SCO box can act as a router,
>> with an "external" NIC configured with the legitimate address which
>> will talk to the cable modem, and an "internal" NIC configured with
>> one of the non-routable net addresses (10.*, 172.*, ...). All Win95
>> machines can live on the internal net, and talk to the internet by
>> defining the SCO box as their default gateway.
>No, they can't.
>Or, more accurately, they can talk all they want, but nobody
>can talk back to them, so that effectively eliminates any
>conversation.
Sounds like the description of a politician.
> You just can't be all things to all people and survive in this
> world.
You can't when the two markets have conflicting needs.
That's why I think SCO should spin off OpenServer to a sink
or swim subsidiary (formed from the discontented in the
ranks, of course) and let them deal with the great unwashed
while Unixware does its "Excelsior!" thing. Retain a 49%
interest (or whatever makes sense), then stand aside and let
them do or die.
Very few of my customers need the incredible stuff that
Unixware offers. They like Openserver, and for most of them
the cost isn't a major factor, but I suspect that when OSR5
is put to sleep, most of them will look long and hard at
Linux. Some might go Unixware, and some very few can
actually make use of its power, but most of those will only
do it because they just don't trust Linux- and that's NOT a
majority, at all.
I'm not a member of the Church of the Born Again Linuxers,
and firmly believe that for *most* of my clients the price
of the OS is the least important aspect. But when the OS is
stuffed with things you don't want, and does not have the
things you do want,.. even if you have queasy feelings about
Linux as the backbone of your company, you are going to
think about it.
>Larry McFarlane wrote:
>
>internal net and one on the Internet. It uses NEC's socks5 proxy,
>compiled to support threaded mode (light weight processes) to minimize
>use of resources (CPU and memory). It translates requests from the IP
>number of each client to the IP number of the Internet NIC and back
>again for incoming packets. This is variously known as NAT and IP
>Masquerading. It'll give you what you want, most probably, including
>Quake.
SOCKS is not masquerading or NAT -- it's proxying. The difference is
that with a proxy, one computer asks another to do something for it;
the proxy does what you ask, and returns the results. In the case of
SOCKS, the clients open special connections to the SOCKS server,
asking it to open the "real" connection to the remote server. The
SOCKS server acts as a relay, translating between HTTP or whatever on
the outbound leg to SOCKS on the inbound leg.
IP masquerading is one type of NAT where one of the network's members
(usually a gateway) translates the addresses in the packets it
receives as part of its gateway duties based on some rule. The simple
example is that all "internal" addresses are translated to the one
outbound address. The masquerading box also translates IP port
numbers, which it uses to de-multiplex incoming replies, so it can
send them on to the proper internal machines.
This difference is important for a number of reasons. First, to use a
proxy, a program must have specific support for it. NEC's SOCKSCap
lets you get around this limitation by getting in between a
SOCKS-ignorant program and the platform's network API in order to
translate the calls.
Still, even with a SOCKSifier, you can run into limitations. For
example, classic FTP doesn't work through a SOCKSifier due to the way
the protocol works -- you have to use the so-called "passive" mode of
FTP. Chat, game and multimedia protocols are also notorious for not
working through dumb SOCKSifiers. (This is as opposed to smart
SOCKSifiers which know the protocols in question and can re-write the
data stream on the fly to make it work.)
Masquerading, on the other hand, works with nearly everything, because
it's transparent to the application. In the few cases where standard
masquerading doesn't work, there are usually smart stream re-writers
available that work at the gateway, rather than requiring trickery on
the client.
As mentioned in other parts of this thread, Linux and other operating
systems have good masquerading support already. I've run NEC SOCKS
myself (both on Linux and on NT), and while it works well for a
limited set of applications (albeit the most important subset), it
isn't nearly as foolproof as masquerading. I wouldn't go back for
anything.
Don't discard the Linux option: you can easily set up a dedicated,
headless 486 for this, and then put the SCO box behind the
masquerading box along with the Windows boxes. We're running a
UnixWare box here at work that sits behind a 486/66 Linux box with 16
MB of RAM and a 500 MB hard drive along with an assortment of half a
dozen other machines (Win9x, WinNT, more Linux). It all works
beautifully, and the Linux box's idle time only goes below 95% when
it's booting. B-)
Also note that with Linux 2.2, the packet-filtering code makes for a
very good firewall. I can send you a script that will both turn on
masquerading and set up a nearly bulletproof firewall. (Bulletproof
by dint of not allowing hardly any incoming connections or ICMP/UDP
requests. Once you start responding to inbound requests,
bulletproofness becomes just a wee bit harder to achieve. B-) )
>NEC's socks5 proxy has to be obtained as source code from NEC's site,
>and you'll have to compile it and configure it yourself to suit your own
>needs. No socks4 proxy servers support UDP connections, there are other
>socks5 servers than NEC's that support a full range of UDP services
>(e.g. the Norwegian Dante). NEC also supplies a commercial version of
>its socks5 server, but you probably won't want to pay for it.
You left out a few things here:
1. The URL: www.socks.nec.com
2. You imply that the free version of the socks5 server is commercial,
and you'll need that to do UDP. In fact the free version is fully
socks5-compliant -- it's the reference implementation of SOCKS, after
all.
My advice: go ahead and try SOCKS, but I'll bet you'll find that Quake
won't work through it, and that you'll find the SOCKSifying hassle
required with other applications more trouble than it's worth.
Good luck,
= Warren -- http://www.cyberport.com/~tangent/
Tony,
That's exactly what I think will happen will happen! OSR5 does us just
fine and will continue to do so for as long as I can see. Unixware is the
new kid on the block and has many "cool things", but we just do not need
them. We've already been running Linux for about a year, performing many
mundane tasks like web serving, email, data collection and such. But the
role Lunix is performing in our organization is increasing every day!
Finally our database vendor is releasing a version for Linux, and just from
our standpoint, when OSR5 gets it's final walking papers from SCO, then SCO
will get their walking papers from us.
Just today, I OK'd the purchase of support and SWIM for OSR5 for next year
at a cost of $2,373.70. GEEEEZ! Yesterday I got my new copy of Redhat
Linux 6.0 (plus all the EXTRA stuff) for $99.95. So we pay > $2,000 a year
for upgrades and 5 support calls on SCO on 1 server, versus $99.95 for each
new version of Linux (which we can run on both the Desktop & on as many
servers as we need) and if we need support we can still purchase individual
calls. (BTW, why did SCO get rid of the single support call option?
Anyone know?)
It does seem that the aim of SCO is toward the BIG corporate environments
(isn't that called ENTERPRISE). Well, that's all fine and well, but then
all of the small and medium size businesses that use SCO will eventually be
forced to choose other options.
I guess time will tell.
------------------------------------------------------
Ken Wolff
MAXIMUS
Child Support Collection Center
http://www.maxinc.com
Phone: 616-957-4949 Ext: 111
Toll Free: 800-722-2338
FAX: 616-957-1614
------------------------------------------------------
> Just today, I OK'd the purchase of support and SWIM for OSR5 for next year
> at a cost of $2,373.70. GEEEEZ! Yesterday I got my new copy of Redhat
> Linux 6.0 (plus all the EXTRA stuff) for $99.95.
Yet obviously you did pay the $2,000.00. The attitude I
hear most often is that the cost of the OS (with or without
support) doesn't pop out of the P&L ; it's buried in the
noise. Heck, for most folks, *I* cost a whole lot more than
the OS ever will, and that raises another point: my
experience so far is that for the average business which
depends on outside support, Linux is going to cost more
because it's going to have more minor snafu's and glitches
(I know the Linux zealots are going to jump all over me for
that one, so I'll say it right now: that's my experience and
OPINION, so lump it). I really don't think it's cost that
is hurting SCO (though it wouldn't hurt to offer something
in the few hundred dollar range). Rather it's features- and
I think it's very obvious that the needs of the real Small
Buiness Market are very different from the market that
Unixware addresses. Certainly some people fall in between:
I have a number of customers in that grey area, and they'll
probably opt for Unixware. But the smaller folks probably
won't, and I don't think SCO is really aware of how much
that's going to hurt them, both long and short term.
If I were younger, and still had some working brain cells
left, I think I'd essay to produce a Linux_SCO; that is, a
Linux port that offered SCO-like administration tools, and
with as much binary compatibility as I could squeeze into
it. I'll bet you could easily get several hundred dollars
for it, and yes, the GPL lets someone else profit from your
labors, but if you paid attention to what the peanuts really
want and kept giving it to them, you could carve out a
healthy living. Too bad I'm so old and tired. Gee, I bet
there's some hungry young SCO engineer reading this right
now- getting any ideas, are you? :-)
That's not to say that SCO is necessarily doing the wrong
thing for SCO, for its employees, for its stockholders.
Maybe hunting woolly mammoths is the best thing to do given
the tools they have and the number of mouths they have to
feed. After all, woolly mammoths are easy to spot, a little
dumb :-), and when you drive one off a cliff everyone feasts
for a looong time.
But my feeling is that there are going to be less and less
woooly mammoths because the ubiquitous and inexpensive
computers and the ever-growing communication capabilities
let itsy bitsy mice do incredible things. Very few people
in my father's generation were independent: they worked for
someone or had groups of people working for them. Today, I
have quite a few friends who are just like me: one person
entities working all by themselves. Computers and
communications freed them from slavery, and I think we're
just starting to see that wave roll in. Of course, small
partnerships enjoy the same fruits, and amazingly small
companies can do incredibly big things nowadays. I'd guess
the big companies will survive, but I really think I'd
rather go after the little market. That's just me, though,
and it doesn't mean SCO is wrong.
So, 10 years from now, maybe both SCO and A.P. Lawrence will
be around. Or maybe not :-)
>>> You just can't be all things to all people and survive in this
>>> world.
>>You can't when the two markets have conflicting needs.
>>That's why I think SCO should spin off OpenServer to a sink
>>or swim subsidiary ...
Interesting thought.
>>Very few of my customers need the incredible stuff that
>>Unixware offers. They like Openserver, and for most of them
>>the cost isn't a major factor, but I suspect that when OSR5
>>is put to sleep, most of them will look long and hard at
>>Linux.
Well they may not need it now but as computers consume more and
more resources the V.3 limits will become more apparent. At one
time 2GB files were unthinkable. Now I have one client who's
constantly trimming their history files back to fit under the 2GB
limit. They want to go with UW7 - however we just got some
of the remote cities off remote terminal servers. Now they can
buy new interface cards to work with the old 16-port boxes, because
the old cards aren't support under SCO OSR5 - past release 5.0.4,
and will NOT work in Unixware.
The users may have to follow the hardware.
My last Xenix upgrade (which was supposed to happen last fall)
starts in the next week or so. When that would fail it was a pain
to find older hardware, eg controller and HD's that would actually
work in the system. HW is moving more rapidly now than it ever
had before, so the time where OSR5 is truly viable may be shorter
than the 10 years Xenix was available after the official
announcement of discontinuance.
They might move to depending on how Linux evolves, and if it still
is the *ix OS of choice 5 years from now. From the reports I've
read, last week's Linux conference brought a lot of discontent to
the surface. Many large vendors while previously the shows were
attended by Linux users and - for want of a better word -
evangelists.
All is not as happy as it could be in the Linux camp right now.
The big money boys were pushing around the people who made it
happen. So if they get really po'ed do they bring up another
*ix like system?
>>I'm not a member of the Church of the Born Again Linuxers,
>>and firmly believe that for *most* of my clients the price
>>of the OS is the least important aspect. But when the OS is
>>stuffed with things you don't want, and does not have the
>>things you do want,.. even if you have queasy feelings about
>>Linux as the backbone of your company, you are going to
>>think about it.
The 'stuffed with things you don't want' is from my point of view
the most cumbersome part. OS5 has a lot of that in it already.
>That's exactly what I think will happen will happen! OSR5 does us
>just fine and will continue to do so for as long as I can see.
>Unixware is the new kid on the block and has many "cool things",
>but we just do not need them.
Unixware is the 'new kid on the block' only as far as SCO is concerned
but it was running and working for at least two years before SCO
bought it from Novell. I have some 1.3x Unixware disks in big
Novell boxes. It was pretty scalable in the SMP department before
SCO entered the scene. I've been using SysV.4 on non-iNTEL
platforms for awhile, and once you get used to it, you don't really
want to go back.
The old timers on this list, going back probably about 5 years
ago, will remember the ever-present Dell-Evangelist, Larry Snyder,
constantly putting down the V.3 of SCO's Unix 3.2.x releases and
was quite vitriolic about the naming conventions and was convinced
the SCO named their product in such a way as to be make a purchaser
think they were getting V.4 when it was really on V.3. They were
quite late with the V.2 product too.
> We've already been running Linux for about a year, performing many
>mundane tasks like web serving, email, data collection and such.
>But the role Lunix is performing in our organization is increasing
>every day!
In today's world webserving, email, and data colletions really
aren't mundane are they?
>Finally our database vendor is releasing a version for Linux, and
>just from our standpoint, when OSR5 gets it's final walking papers
>from SCO, then SCO will get their walking papers from us.
Providing the course of Linux and your vendor keeps going in this
direction. I've seen too many things, far too many things
predicted to be "THE BIG THING" only to watch them disappear
few few years their splashy big introduction.
The press is interesting. A year ago you'd see columnists
'discovering' Linux and praising it on high. Then last fall there
started to be the "I don't know about that" type - picking apart
the Linux. This is typical in reporting because they either missed
getting on the pro-Linux ball at the time, or feel they can stand
out by being a Linux basher.
The problem is that the press - and some of it's more visible - and
at times I've noted grossly uninformed denizens, cause influence
far beyond measure. Of course not as much influence as some of
these columnists believe they have, or would like to have.
>It does seem that the aim of SCO is toward the BIG corporate
>environments (isn't that called ENTERPRISE). Well, that's all fine
>and well, but then all of the small and medium size businesses that
>use SCO will eventually be forced to choose other options.
>I guess time will tell.
Set your alarm and call me when it happens.
>My advice: go ahead and try SOCKS, but I'll bet you'll find that Quake
>won't work through it, and that you'll find the SOCKSifying hassle
>required with other applications more trouble than it's worth.
You might find that:
http://users.nais.com/~nevo/masq/
will ease the pain. The site is geared toward Linux IP Maquerade but the
information is equally applicable to proxy servers. Proxy servers
require service definitions for each port number. If you want Doom, you
configure a proxy for port 666. Quake gets 26000. AOL gets 5190-5193.
I inherited a customer with a SOCKS4 (not 5) proxy server, for a 30 user
lan, that was during into a configuration nightmare and whose firewall
started looking like swiss cheeze with all the holes and tweaks. I would
have used SOCKS5 but far too many applications couldn't handle the
automatic login+password authentication to the SOCKS server. Proxy
servers provide better security the simple packet filters but I would not
use one for a small lan.
Back to the original question. The problem with Quake is that the remote
Quake server is not smart enough to recognize multiple players hiding
behind a single PAT port translating firewall or proxy server. To the
Quake server, everything from the user site looks like it's coming from
one IP address and therefore from one user. It's one player at a time
connecting to the Quake game server or you get a mess. (Can you tell
what I do in my spare time?)
Aw crap, I didn't even think about that. Well, I'm pretty much firewalled
on the Quake thing. Thanks for the bad but enlightening news...