I started/ran/managed an ISP from 1994 until we sold the
company in 2000, and have done a fair amount of IP stack
development (protocol stack work, not just applications).
Generally speaking, your Terms Of Service with your provider
usually prohibit you from running any kind of server, especially
if it's not a "business account." For a non-business account
where you keep the connection (ie, cable, DSL, etc), then your
"dynamic" address is usually pretty stable, but might change from
time to time. I've noticed my Comcast address changes every 6-8
I have some dyndns.org addresses. They have a timeout of 60
seconds. So, every 60 seconds, any of those addresses expire from
the cache of the name server you are using, and must be refreshed.
Ie, if you address changes, dyndns gets updated pretty quickly,
**IF** you are running software on your computer to detect the change
and update the dyndns database in a short amount of time. The
refresh programs typically refresh every 10 minutes by default, but
that can be changed.
I don't know if DECnet is carried on TCP, UDP, or some other protocol,
but if it uses TCP, then the connect will back-off when it doesn't
get a reply. Ie, your chances of being deteced as a DOS attack are
slim. TCP is designed so that user applications don't flood the network
if the remote end is unavailable. For UDP based applications, this is
purely up to the application developer, since UDP does not guarantee
delivery at all, and this must be done in the application.
If DECnet requires every machine on the network to be visible to the
outside world via IP, then NAT won't work. However, if a gateway can
work, then use non-routable addresses inside your network (ie, 192.168.x.x)
and then have one machine with a NAT address acting as a gateway on the
dynamic address. Find some app (probably on a PC running windoze) that
will periodically check the router's IP and update dyndns as needed. Works
fine for my "dynamic" network (I also have a group of static IPs from
another provider as a business account).
BTW, how much effort is this worth? The internet doesn't seem very
retro to me.
David Comley <david_comley@...
> wrote :
> Not sure that NAT helps in this situation - the guy at
> the 'far end' has to be able to resolve the name to an
> address, and then that address has to stay the same
> after it's cached by the bridge. I have NAT set up
> here at home and my servers have private static
> addresses but the outside world has no visibility of
> them so no-one can really access them except via the
> address of my router and the port forwarding I set up.
> It's an interesting problem and I wish there were a
> decent workaround based on static names or something
> similar. I had a conversation with Johnny Billquist
> who set up HECnet and wrote the bridge program. His
> view on using dynamic addresses was that there would
> always be an uncertain period when a static name
> mapped to a dynamic address would no longer match
> correctly so there would be brief periods where the
> DECnet traffic could be sent to an unsuspecting user -
> and might be misinterpreted by them as a Denial of
> Service attack.
> --- Degnan <billdeg@...> wrote:
> > You can do all of that, but from my experience it's
> > more trouble
> > than it's worth.
> > I suggest that you set up a router cablable of doing
> > a NAT translation
> > and assign a permanent internal IP. You can do with
> > with Linux and
> > don't even need a hardware router. You can use
> > Linux for the firewall
> > as well. That way, no matter what the external IP
> > is, you have an
> > internal IP that stays the same. Let the router
> > deal with the outside
> > world. There's a bit more to it than what I
> > describe, but use of
> > NAT will solve most of your problems.
> > Bill D
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> YAHOO! GROUPS LINKS
> Visit your group "