Hello,
Mike Wright a écrit :
Rick Jones wrote:
If instead, you further subnettted 192.168.1 with a /25 on the PCs
(but still a /24 on the router), the Router/Firewall wouldn't have to
know about the other subnet. It could just blythly ass-u-me that the
end-PC was on the same network segment as the middle PC. So long as
the middle PC was configured with a static, public ARP entry for the
IP of the end PC, and had ip_forwarding enabled, it would "front" for
the end PC.
How does the middle PC setup the static, public ARP entry?
By enabling proxy ARP on the interface connected to net A in your
diagram (/proc/sys/net/ipv4/<interface>/proxy_arp).
However you might have trouble if your applications rely on broadcast
packets which cannot be forwarded by routers.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
