I didn't see this email before my initial post. If this is the way you
elected to go (and I would recommend against it as I did in my earlier
email) you can still conserve many of the lost 127 addresses by
resubnetting that network and aliasing your nic to act as a gateway for
each of these small networks.
You might really want to consider my private subnet solution for the
front end. I've set it up myself. It requires a good working knowledge
of routing tables and firewalling but should require no special kernel
mods (arp forwarding or anything like that) and should work on even 2.2
kernels ... let me know if you want some pointers.
Regards,
Sheer
On Tue, 27 Nov 2001, Benjamin Stocker wrote:
>
> Hello Bruno and Ulrich,
>
> many thanks for your postings with detailed conf. tips. This was the key
> making my problem go away :-)
>
> Cheers, Benjamin
>
> On Tue, 27 Nov 2001, Bruno Gimenes Pereti wrote:
>
> > Why don't you subdivide your class C?
> >
> > [ internet ]---nic1[ Firewall ]nic2---[ your hub ]---nicX[ your servers ]
> >
> > Let's supose your class C is: 222.222.222.000/24
> >
> > nic1 could be 222.222.222.1/25
> > (network 222.222.222.0, netmask 255.255.255.128, broadcast 222.222.222.127)
>
> *snip*
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@linuxsecurity.com
> with "unsubscribe" in the subject of the message.
>
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
