1 |
I'm having difficulty figuring out something that I think should be simple so |
2 |
I was hoping some of the talented folk here could help me out: |
3 |
|
4 |
Say I've been given the following public, routeable IPs to use: |
5 |
123.123.123.10 |
6 |
123.123.123.11 |
7 |
123.123.123.12 |
8 |
123.123.123.13 |
9 |
|
10 |
And I want to put them all behind the same firewall while assigning the |
11 |
public IPs to the protected machines: |
12 |
|
13 |
+- 123.123.123.11 |
14 |
| |
15 |
123.123.123.10 --+- 123.123.123.12 |
16 |
| |
17 |
+- 123.123.123.13 |
18 |
|
19 |
Ideally, I'd like to have a number of non-routeable IPs available by way of |
20 |
one of these two options: |
21 |
|
22 |
+- 123.123.123.11 |
23 |
| |
24 |
123.123.123.10 --+- 123.123.123.12 |
25 |
| |
26 |
+- 123.123.123.13 |
27 |
| |
28 |
+- 192.168.1.1 |
29 |
| |
30 |
+- 192.168.1.2 |
31 |
|
32 |
OR |
33 |
|
34 |
+- 123.123.123.11 |
35 |
| |
36 |
123.123.123.10 --+- 123.123.123.12 |
37 |
| |
38 |
+- 123.123.123.13 --+- 192.168.1.1 |
39 |
| |
40 |
+- 192.168.1.2 |
41 |
|
42 |
How do you do this? Up until recently, I've just assigned all of the |
43 |
routeable IPs to the firewall and forwarded the appropriate ports to the |
44 |
servers behind -- but ALL the servers behind the firewall are using |
45 |
192.168.0.0/16 ips at that stage. |
46 |
|
47 |
I thought I could just allow Linux to forward the packets, but I couldn't |
48 |
figure out the routing since I'm not dealing with a whole subnet, only a few |
49 |
allocated IPs. |
50 |
|
51 |
Someone care to shed some light here? |
52 |
|
53 |
|
54 |
-- |
55 |
the more law and order are made prominent, |
56 |
the more thieves and robbers there will be. |
57 |
- lao-tsu |
58 |
-- |
59 |
gentoo-user@g.o mailing list |