On 26/06/2020 05:18, Grant Taylor wrote:
> On 6/23/20 11:34 AM, R.Wieser wrote:
>> Hello all,
>
> Hi,
>
>> I've got a few computers in seperate subnets which I do not allow to
>> communicate with each other.
>
> Is that "have not (yet)" or "will not (ever)" allow them to communicate
> with each other?  —  I'm guessing that the computers currently can't
> communicate with each other via TCP/IP (et al.).  But are you willing to
> (re)configure things so that they can communicate with each other via
> TCP/IP?  Or do you want to forbid that?
>
> What precisely does "communicate" mean in this context?  —  Does storing
> a file in an intermediary location for the far end system to pick up
> count as "communication"?  Or are you specifically referring to
> something like end-to-end TCP/IP connections?
>
> I ask these questions because I've had client's have different answers
> and they effect the solution(s).
>
>> When I need to transfer data between computers in those subnets I use
>> an USB stick.
>
> This tells me that you are okay with them accessing files through some
> intermediate system / device?
>
>> Somehow my thoughts went to if it would be possible to use an RPi 3B+
>> as a kind go-between.
>
> Quite likely.
>
>> The first problem would be that I would need to add another (or more)
>> ethernet connection (so the 'puters on one subnet cannot reach 'puters
>> on the other one).
>
> Now it sounds like you might be willing to allow end-to-end TCP/IP
> connections.  Be it routing, NATing, or something more exotic.
>
>> Is that at all possible
>
> Yes.
>
>> (at a usable speed) ?
>
> It depends what you consider to be a usable speed.
>
>> The second would be to how to transfer data from one subnet to the other.
>
> This is traditionally done with IP routing, possibly in combination with
> NATing.
>
>> For that I could imagine a kind of "post office" solution, where
>> 'puters on both subnets can leave messages for each other and ofcourse
>> read each others replies, but never directly talk to each other.
>
> As others have indicated, a common way point, or post office, is
> certainly possible.  How functional it is depends on what technology you
> use.
>
>> (both 'puters connect to a known port on the RPi).
>
> Do you mean physical port?  TCP port?  Something else?
>
> Also, does it matter, do you care, what port they connect to if things
> work the way that you want?
>
>> Does anyone know if such a sulution or project (and tutorial?) for
>> such a thing exists ?
>
> I know exactly what I would use if I wanted computers on different
> networks to exchange messages / files / commands with each other without
> being able to establish end-to-end connections between them.
>
> I'd use UUCP over SSH.  (You can use UUCP over TCP or serial too.)
>
> UUCP will provide a way for computer A to send messages / files /
> commands to computer C via computer B.  Both ends can initiate a push or
> a pull request to / from the other.  (If you want them to.)
>
> You can easily support file copy, email, news, remote command execution,
> and many other things through UUCP.  As in you can use industry standard
> clients on both computers A and C.  The clients just talk to local
> servers which then send things through B with UUCP.
>
> Yes, I think that a Raspberry Pi, even the original, could easily
> fulfill this role.  The only limitations that I see are the network
> speed, storage capacity, both of which are only an issue if you want to
> send some really big files / messages.
>
>
>
What an incredibly stupid answer

What you need is of course a router with at least two ports, one for
each subnet. You could build one out of a pi with an extra interface,
but really almost any router that is capable of handling an ethernet
presentation of the internet (cable or fiber to the premises, both of
which use modems that end in an ethernet socket) can be used here.
Yiou should be able to turn off NAT and set up[ a basic firewall on any
old gash broadband router you have lying around that would work pn cable
for example.


--
Renewable energy: Expensive solutions that don't work to a problem that
doesn't exist instituted by self legalising protection rackets that
don't protect,  masquerading as public servants who don't serve the public.

--- SoupGate-Win32 v1.05