On Monday 01 November 2004 15:44, Rene Gallati wrote:
> Hm that is a solution, however how do I "attract" the traffic for the
> PCs in the LAN? I can either assign all IPs as aliases which looks a bit
> crude or use proxyArp or bridging to convey the traffic over from one
> side to the other.
The isp should route all traffic for your 1.2.3.0/28 range to 1.2.3.1.
>From your example: Range is 1.2.3.0/28 (1.2.3.0 - 1.2.3.15)
eth0: 1.2.3.1 eth1: 1.2.3.1
---- Internet ------- FW Box ------ LAN (1.2.3.0/28)
default gw lan machines: 1.2.3.1
default gw firewall: assigned gw from your isp (in 1.2.3.0/28)
ip route add default via 1.2.3.X dev eth0
routes on your firewall: for each lan, going out on eth1:
ip route add 1.2.3.1 dev eth0
(don't know if this works, but it's to make sure packets for the lan
host 1.2.3.1 are leaving out on eth1)
> At the moment, transparent bridge filter looks like the best idea to me,
> however the lan nic is a gigE card so I don't know if running it in
> promiscous all the time would be a good idea.
Stef
--
stef.coene@xxxxxxxxx
"Using Linux as bandwidth manager"
http://www.docum.org/
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
