> Steffen Weiberle wrote:
How many ways do you have to get to the internet? I hope two, since
10.0.0.0/24 will need one.
I am not able to picture your setup, however, take a look at
Maybe a better explanation of what I'm trying to accomplish would help.
This is my current setup which works well. The firewall does NAT so my
public IP is translated to 10.0.0.2
cable modem
|
|
firewall(10.0.0.1)
|
|
nic1 (10.0.0.2)
---bastion host----------
nic2(192.168.0.100)
|
|
switch
|
|
host1 host2 host3 host(n)
(all on 192.168.0.0/24)
Three public services run on the bastion host (dns, mail, webserver) and
I thought I would introduce another level of security by moving these
into zones but it has proven to be more difficult then I had anticipated
because of the two subnets. All of my testing was done on a workstation
with only network involved. All though I have limited experience with
zones this seems like something that shouldn't be too difficult to set up.
--
Robert W Hartzell
bear at rwhartzell.net
RwHartzell.Net
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
