On 9/26/24 15:44, Nicolas Goy wrote:
[trimmed]
I might not have been clear enough, the 1.0.0.0/24 example is a public /24
routable network, not a 10.0.0.0/8 network.
What I want is to be able to use as much of this network as possible (here 2 IPs
per host) and allow firewall rules between hosts. The IPv6 part is easier to
manage as I can spawn as many subnets as I want.
And the reason is that the hosts are untrusted and must be firewalled between
them, so I need layer 2 isolation.
If they are attached to a public routable net, wouldn't they be able to
speak to each other there?
Even if you put a filter in they could access each other using a VPN.
geoff steckel