Re: Centos Firewall - router with virtual IP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 11/03/2011 06:54 PM, John R Pierce wrote:
> On 11/03/11 5:43 PM, Fajar Priyanto wrote:
>> Now, I'm adding some virtual interface eth1:0, eth1:1... so on to
>> accommodate new subnets created in the LAN.
> 
> whats the point of having multiple subnets on the same physical LAN 
> segment ?   if you want to isolate separate local networks, you really 
> should use separate physical adapters with separate switches... or VLAN 
> switching if you have a switch that supports VLAN trunking.
> 
> anyways, whatever, yes, you can do it with iptables, but not all off the 
> shelf firewall script generators will support multiple LAN subnets.   I 
> usually write my own iptables rulesets.
> 
I can say first hand that fwbuilder easily handles managing scripts for multiple
subnets and aliased addressing on NIC's. I use separate interface cards for each
subnet, however. (5 NIC's, 4 internal subnets, 3 public IP's on the one external
facing NIC)

-- 
KevinO
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux