On Monday 10 November 2003 10:15 am, netfilter@xxxxxxxxx wrote:

> > ip addr add dev eth0 213.25.24.3
>
> If I have a network routed to my linux box say 192.168.1.0/24, do I still
> have to add every IP on the subnet if I want to be able to use NATing for
> the entire subnet?

You need to add every IP address for which you want an interface to accept packets on a local subnet. Otherwise the upstream router won't know where to send them because nothing responds to ARP requests.

> Also doesn't adding 250 IP addresses to a NIC affect performance?

I'm inclined to say "no", however someone's bound to say "it affects it by some minuscule amount", so I'll say "it affects the performance of the box a lot less than does routing the traffic you want to push through it".

If you don't like the idea of adding 250 addresses to an interface, simply change your network layout so that those addresses are being routed through the netfilter machine, rather than existing on a subnet it is directly connected to, then you can do the DNAT and the FORWARD without needing the address attached to the interface.

Antony.

--
Most people have more than the average number of legs.

Please reply to the list; please don't CC me.
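The two layouts described in the reply above, as an added example that is not part of the original message: the script prints (does not run) the commands each layout needs, so the difference is visible side by side. The one-to-one mapping onto 10.0.0.N, the interface name and the address range 1-250 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print the commands for the "local subnet" and "routed"
# layouts. Nothing is executed; review the output before using any of it.

PUB_PREFIX="192.168.1"   # subnet from the question
INT_PREFIX="10.0.0"      # assumption: hypothetical internal hosts behind the box
IFACE="eth0"             # assumption: outside interface
FIRST=1
LAST=250

# DNAT + FORWARD pair for one address; needed in both layouts.
nat_rules() {
    echo "iptables -t nat -A PREROUTING -d ${PUB_PREFIX}.$1 -j DNAT --to-destination ${INT_PREFIX}.$1"
    echo "iptables -A FORWARD -d ${INT_PREFIX}.$1 -j ACCEPT"
}

# gen_plan local  : addresses live on a directly connected subnet, so each
#                   one is added to the interface and the box answers ARP.
# gen_plan routed : upstream routes the subnet via this box, so no address
#                   is attached and only the NAT/filter rules remain.
gen_plan() {
    mode=$1
    case "$mode" in
        local) ;;
        routed) echo "# upstream router must route ${PUB_PREFIX}.0/24 via this box" ;;
        *) echo "usage: gen_plan local|routed" >&2; return 2 ;;
    esac
    n=$FIRST
    while [ "$n" -le "$LAST" ]; do
        if [ "$mode" = "local" ]; then
            echo "ip addr add ${PUB_PREFIX}.${n}/32 dev ${IFACE}"
        fi
        nat_rules "$n"
        n=$((n + 1))
    done
}

# Run as: sh plan.sh local   or   sh plan.sh routed
if [ "$#" -gt 0 ]; then gen_plan "$1"; fi
```
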