On Mon, 2020-10-26 at 17:02 +0000, Steve Hill wrote: > In addition to 198.51.100.1 and 192.51.100.2, the ISP is providing > 28 extra public IPs (192.51.100.3-30), and I want to the firewall to > be able to DNAT those IPs to internal machines, which means it needs > to answer ARP for them. > > The router is routing all of the public IPs directly to its internal > NIC. In an ideal world, we'd just reconfigure the router so that the > IPs are routed via the firewall rather than being directly > connected. However, I'm finding that for managed routers, ISPs are > increasingly unwilling to set up custom routing. I'm curious how they expected you to use their extra IPs if they won't let their router be configured for them. -- uname -rsvp Linux 3.10.0-1127.19.1.el7.x86_64 #1 SMP Tue Aug 25 17:23:54 UTC 2020 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx