Hi Dean, Hi Newsgroup, hi mailing list, hi Charles,
Thanks to all who helped me sorting this one out.
It was quite simple in the end: A basic 2.9.8 LRP distribution with
all masquerading options turned off did the trick.
I can now see multiple web servers in one box, all with their own IP
addresses.
While this is a great achievement for me, I would still like to take
advantage of the many secuity features that the LRP and derived
distributions have to offer.
And here is my question to the gurus:
Would it not be easier to implement firewalling having 2 separate
networks (in the sense of truly different IP address ranges) as in my
case ?
In comparison I remember that Charles' rocket-science proxy-arp
solution is concerned with directing traffic between 2 interfaces with
the same IP address.
++++++++++++++++++++++++++++++
Again, here is my simple setup:
I have only 2 networks that I want to connect.
What makes things REALLY easy is that these small networks don't need
to be hidden or address-translated. They are both physically and IP
address-wise different networks with routable IP addresses in the
public internet IP range.
Here is the map:
~~~~~~~~~~~~~~~~~~~~~~
{ Network 0 }
{ a0.b0.c0.d/26 }
~~~~~~~~~~~~~~~~~~~~~~
|
Ethernet
|
|
-----------------------
| eth0 |
| LRP ROUTER |
| eth1 |
-----------------------
|
Ethernet
|
|
~~~~~~~~~~~~~~~~~~~~~~
{ Network 1 }
{ a1.b1.c1.d1/29 }
~~~~~~~~~~~~~~~~~~~~~~
There are multiple computers on each network. Computers on each
network use the interface of the router on their side as their
gateway.
No address translation is required, all addresses are real world IPs.
Bernard
[EMAIL PROTECTED]
References:
http://lrp.c0wz.com/index.htm
www.linuxrouter.org
www.freesco.org
http://sourceforge.net/docman/display_doc.php?docid=1397&group_id=13751
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
