Re: Doing Bridge with firewalling


 



On Tue, 31 Dec 2002 15:54:17 -0500, 
Stephen Frost <sfrost@snowman.net> wrote in message 
<20021231205417.GQ677@ns>:

> * Kevin McConnell (kevymac@yahoo.com) wrote:
> > 
> > --- Stephen Frost <sfrost@snowman.net> wrote:
> > > The two haven't got anything to do with each other.  NATing is
> > > modifying packets as they pass through the router.  Addressing is
> > > the IP address and whatnot to access the firewall/router.  One does
> > > not require the other.
> > 
> > This leads me to another question then. What are the
> > advantages of not having an IP address assigned to 
> > interface(s) of the firewall? Like for instance, if my
> > firewall was the gateway to the outside world, how
> > would I tell machines behind the firewall to get out
> > to the outside world if they didn't have a default
> > route pointing to the internal address of the
> > firewall? Also, how would packets that hit the
> > firewall get routed through the other side?
> 
> A router is not a bridge.  The two are different things.  You're
> thinking of things in terms of a 'router'.  In order for your
> computers to reach the external network they have to go through a
> router, true.  A firewall can be implemented as part of a router or as
> part of a bridge. The only requirement being that the packets are
> required to pass through the device.  If you implemented your firewall
> as a bridge then the machines on the network wouldn't 'see' it, they
> would point their default routes to the router on the opposite side of
> the bridge.
> 
> I think the critical point here is that you need to understand what a
> bridge is and how it works and how it's different from a router.
> 

..think of it as a relay.

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.
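
The bridge-versus-router distinction discussed in this thread, as an added example that is not part of the original messages: a small Python model of a firewall placed as a layer-2 bridge and as a layer-3 router. The MAC and IP addresses and the "drop telnet" policy are constructed for illustration.

```python
from dataclasses import dataclass, replace

# Constructed addresses for illustration only.
HOST_MAC, ROUTER_MAC = "02:00:00:00:00:10", "02:00:00:00:00:01"
FW_IN_MAC, FW_OUT_MAC = "02:00:00:00:00:fe", "02:00:00:00:00:ff"

@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    ttl: int
    dport: int

def allowed(frame):
    """Constructed policy: drop telnet, pass everything else."""
    return frame.dport != 23

class BridgeFirewall:
    """Two-port layer-2 relay: no IP address, never the frame's destination."""
    def __init__(self):
        self.mac_table = {}  # learned source MAC -> port number (0 or 1)

    def handle(self, frame, in_port):
        self.mac_table[frame.src_mac] = in_port
        if not allowed(frame):
            return None
        out_port = self.mac_table.get(frame.dst_mac, 1 - in_port)  # unknown: other port
        if out_port == in_port:
            return None  # destination lives on the segment the frame came from
        return out_port, frame  # relayed unchanged: same MACs, same TTL

class RouterFirewall:
    """Layer-3 hop: hosts must address frames to it; it rewrites them."""
    def __init__(self, in_mac, out_mac, next_hop_mac):
        self.in_mac, self.out_mac, self.next_hop_mac = in_mac, out_mac, next_hop_mac

    def handle(self, frame):
        if frame.dst_mac != self.in_mac or frame.ttl <= 1 or not allowed(frame):
            return None
        return replace(frame, src_mac=self.out_mac,
                       dst_mac=self.next_hop_mac, ttl=frame.ttl - 1)

def host_frame(gateway_mac, dport):
    """Frame from the inside host toward an outside IP via its default gateway."""
    return Frame(HOST_MAC, gateway_mac, "192.0.2.10", "198.51.100.7", 64, dport)
```

With the bridge, the host's default gateway is the router on the far side and the filtered frame arrives there untouched; with the router placement, the host has to address the firewall itself, which then rewrites the MAC addresses and decrements the TTL.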



