Datasheet
“main” (Installation and Administration) — 2004/6/25 — 13:29 — page 599 — #625
i
i
i
i
i
i
i
i
25
Internet
Using dial-on-demand, however, really only makes sense if you have a flat-
rate connection. If you use it but are charged for time online, make sure
there are no interval processes, such as a cron job, periodically establishing
a connection. This could get quite expensive.
Although a permanent online connection would also be possible using a
DSL flat-rate connection, there are certain advantages to having a connec-
tion that only exists for a short amount of time when needed:
Most providers drop the connection after a certain period of time.
A permanent connection can be considered a drain on resources (e.g.,
IP addresses).
Being online permanently is a security risk, because hackers may be
able to comb the system systematically for vulnerable areas. A system
that is only accessible over the Internet when necessary and is always
changing IP addresses is significantly more difficult to attack.
Dial-on-demand can be enabled using YaST. Alternatively, set it up manu-
ally. Set the parameter DEMAND=yes in the /etc/sysconfig/network/
providers/provider0 file then define an idle time via the variable
IDLETIME=60. This way, an unused connection is dropped after sixty sec-
onds.
To set up a DSL gateway for private networks, refer to the following article
from the support portal: http://portal.suse.de/sdb/en/2002/07/
masq80.html.
599
SUSE LINUX Enterprise Server