We have a couple sites connected by T-1 to the Internet and the ISP's have allocated /26 and /28 public networks for our customers' domains.
As you know, typically T-1's use a public /30 network to connect the external wan port to its peer address on the ISP side. This network belongs to the ISP and cannot be assigned to the customer. So, in Dachstein, we do something like this: wan1_IP_EXTRA_ADDRS="x.y.z.64/26" During interface initialization, this network gets associated with the interface wan1, which also is assigned the ISP's ip address. Is this ip aliasing? We're not quite sure why assigning the whole network results in only the first address responding to pings from the Internet; but, that is moot, for now . . . What is the best use of that public network in a DMZ ??? In other words: [1] We need one (1) ip address associated with the external interface, wan1; [2] We need one (1) ip address associated with the DMZ interface, eth1; [3] We need two (2) ip addresses, one for the network and one for broadcast; and [4] We want *all* of the rest available on the DMZ. How to configure this with Dachstein-CD ??? What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user