Howdy

We have here an old (Mandrake Linux 8 - yeah I know...) PC with two NICs which serves as a firewall for our LAN and runs a Bind caching nameserver. Although the machine is getting old, it still works well. Thing is, I'm having a hard time trying to reproduce it, that is, getting another PC to do exactly the same thing this PC is doing. It was configured by a guy that left the company, so I can't simply ask him how he configured it. It's a precautionary measure, if the machine breaks down we need another one to go in its place. So while I am at it I would love to replace the crusty old thing with a new one running OpenBSD.

The networking scheme is:

Router (192.168.1.120) <-> (192.168.1.121) Firewall PC (192.168.1.122) <-> (192.168.1.0/24) LAN

Now, thing is, the Linux firewall has two NICs:

NIC 1: 192.168.1.121
NIC 2: 192.168.1.122

The two NICs on the Linux box are configured with 192.168.1.121 and 192.168.1.122, both interfaces on the same subnet. 192.168.1.121 accesses the company router (192.168.1.120) and 192.168.1.122 accesses the company LAN (192.168.1.0/24).

From what I've googled, this shouldn't even be possible, everything is on the same subnet. Regardless, it works great, and if I went and got an OpenBSD rig to replace the old Linux rig, it would have to retain this networking scheme, we can't afford to reconfigure the entire network just for switching our firewall. I know we could use a network bridge, but we need the caching nameserver functionality.

I'm an all-round Unix guy, but I'm a bit green in the routing department. Can an OpenBSD box be configured the same way the Linux box is so it can be a drop-in replacement for the Linux box? I can of course depict in further detail the configuration of the Linux box (netstat -r to show the routes, ifconfig or whatever).

-----------------------------
Elaconta.com Webmaster
-----------------------------