This is where I am getting confused I guess.... obviously 138.23.aa/24 and 138.23.bb/24 would normally be on physically separate networks, but in my case they are not. I suppose someone had a reason for this, but I don't know why.
I have gone through the shorewall documentation and read about aliasing, but I don't see anything that is similar to my situation. Does anyone have any suggestions on how to go about making this work or is it just too weird to have a network like this?
There's no way to do what you want unless both networks appear on both sides of your firewall (and all hosts on the LAN segments on both sides of the firewall have an address falling in both networks).
ARP is only used when communicating with a host in your own network.
Now if I set up my LEAF box to have the addresses (this is where this gets weird I guess, since normally they would be on physically separate networks) 138.23.aa.xx netmask 255.255.255.0 (eth0) and 138.23.bb.xx netmask 255.255.255.0 (eth0:0) can I not proxy arp for addresses in both subnets on my dmz?
Thanks, Ryan
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
