We have a couple sites connected by T-1 to the Internet and the ISP's
have allocated /26 and /28 public networks for our customers' domains.
As you know, typically T-1's use a public /30 network to connect the
external wan port to its peer address on the ISP side. This network
belongs to the ISP and cannot be assigned to the customer.
So, in Dachstein, we do something like this:
wan1_IP_EXTRA_ADDRS="x.y.z.64/26"
During interface initialization, this network gets associated with the
interface wan1, which also is assigned the ISP's ip address. Is this ip
aliasing? We're not quite sure why assigning the whole network results
in only the first address responding to pings from the Internet; but,
that is moot, for now . . .
What is the best use of that public network in a DMZ ???
In other words:
[1] We need one (1) ip address associated with the external interface,
wan1;
[2] We need one (1) ip address associated with the DMZ interface, eth1;
[3] We need two (2) ip addresses, one for the network and one for
broadcast; and
[4] We want *all* of the rest available on the DMZ.
How to configure this with Dachstein-CD ???
What do you think?
--
Best Regards,
mds
mds resource
888.250.3987
Dare to fix things before they break . . .
Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . .
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
