On Friday 30 April 2004 7:20 pm, Oriol Magrané wrote:
> Hello!
> I'm trying to set up a firewall with two ethernets to be installed
> between the internet and a pool of servers.
>
> I have some public ips available (a.b.c.e, a.b.c.f, a.b.c.g,...) so now
> I want to map the external ip 'a.b.c.e' with the internal ip 192.168.1.100
>
> The only solution I've found is to define an ip alias in the firewall itself
> so that eth0:1 will respond to the external ip a.b.c.e Thus when the router
> of my ISP asks "who has ip a.b.c.e?", the firewall will answer "me" and it
> will process the packet and deliver it to the internal server 1.
>
> But this solution means defining an alias for every external ip I want
> to firewall. So if I have eight servers firewalled I will need eight ip
> alias in the firewall.
Correct. This is not a problem.
However, it is recommended that you use the new (well, not that new, but more
recent) "ip" commands to add addresses to interfaces, rather than the
deprecated ethn:x alias method.
Try: "ip addr add a.b.c.e dev eth0" instead of the ifconfig eth0:1 command.
Regards,
Antony.
--
"It would appear we have reached the limits of what it is possible to achieve
with computer technology, although one should be careful with such
statements; they tend to sound pretty silly in five years."
- John von Neumann (1949)
Please reply to the list;
please don't CC me.
