Re: Network sharing without using NAT, possible?

On Wed, 2007-11-21 at 16:11 +0000, Mateus Interciso wrote:
> On Wed, 21 Nov 2007 13:04:40 +0000, Mateus Interciso wrote:

[...]

> Maybe, if I explain a little more about the physical network we have, it 
> may be easier to understand (or find the problem)

I think you would need a second public IP address to assign to the Linux
box, or a third NIC that you could stick on the bottom and connect into
the D-Link Switch, see below.

> The bridge works like this
>             |---(eth0)---|---->|---(NIC1)--|
>             |---BRIDGE---|     |---W2k3----|
> Internet--->|---(eth1)---|     |---(NIC2)--|--->[D-Link Switch]===>LAN




            |---(eth0)---|---->|---(NIC1)--|
            |---BRIDGE---|     |---W2k3----|
Internet--->|---(eth1)---|     |---(NIC2)--|--->[D-Link Switch]===>LAN
            |---(eth2)---|---------------------------^

eth2 has 10.100.0.1

Looking at this picture makes my head hurt though. ;)

> where NIC1 has the internet IP assigned by the ISP, and NIC2 has the 
> internal IP 10.100.0.2, I would like to put the IP 10.100.0.1 on the 
> bridge, so that I can access via ssh, and use internet there, so I can 
> download ebtables to make the firewall, as well as other monitoring 
> tools (like SNMP for instance).

If you want to use the internet with a 1918 address, then you will have
to stick it behind a NAT device; in your diagram it is in front. How is
the address supposed to be translated?

>  But when I put
> ifconfig br0 10.100.0.1 netmask 255.255.255.0 up
> it doesn't ping 10.100.0.2 for instance, am I missing something here?

It ARPs for 10.100.0.2 and no one responds; this is expected, as the ARP
request doesn't ever reach NIC2 on W2k3.

-- 
Matt Zagrabelny - mzagrabe@xxxxxxxxx - (218) 726 8844
University of Minnesota Duluth
Information Technology Systems & Services
PGP key 1024D/84E22DA2 2005-11-07
Fingerprint: 78F9 18B3 EF58 56F5 FC85  C5CA 53E7 887F 84E2 2DA2

He is not a fool who gives up what he cannot keep to gain what he cannot
lose.
-Jim Elliot
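
The ARP behaviour described in the reply above, modelled as an added example that is not part of the original message. Node names follow the two diagrams; treating W2k3 as a layer-3 hop (NIC1 and NIC2 not bridged) and eth2 as a standalone interface rather than a bridge port are assumptions.

```python
from collections import deque

# Layer-2 links taken from the first diagram in the thread.
# Assumption: W2k3 routes/NATs between NIC1 and NIC2, so there is no
# layer-2 link between them.
BASE_LINKS = [
    ("br0", "eth0"), ("br0", "eth1"),   # bridge ports on the Linux box
    ("eth1", "internet"),               # ISP-facing side
    ("eth0", "NIC1"),                   # W2k3 outside interface
    ("NIC2", "dlink-switch"),           # W2k3 inside interface (10.100.0.2)
    ("dlink-switch", "LAN"),
]

# Second diagram: a third NIC cabled to the D-Link switch (10.100.0.1).
# Assumption: eth2 is NOT added to br0, so it does not join the outside segment.
ETH2_LINK = ("eth2", "dlink-switch")


def broadcast_domain(links, source):
    """Return every node an Ethernet broadcast sent from `source` can reach."""
    adjacency = {}
    for a, b in links:
        adjacency.setdefault(a, set()).add(b)
        adjacency.setdefault(b, set()).add(a)
    seen, queue = {source}, deque([source])
    while queue:
        node = queue.popleft()
        for neighbour in adjacency.get(node, ()):
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append(neighbour)
    return seen


def arp_can_resolve(links, source_if, target_if):
    """An ARP request is a broadcast: it is answered only if the target
    interface sits in the same broadcast domain as the sender."""
    return target_if in broadcast_domain(links, source_if)


if __name__ == "__main__":
    print("br0 -> NIC2 :", arp_can_resolve(BASE_LINKS, "br0", "NIC2"))
    print("eth2 -> NIC2:", arp_can_resolve(BASE_LINKS + [ETH2_LINK], "eth2", "NIC2"))
```

Under these assumptions the address on br0 never shares a segment with NIC2, while the address on eth2 does and stays off the Internet-facing side of the bridge.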
