From owner-freebsd-hackers Wed Dec 10 18:01:40 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id SAA17319 for hackers-outgoing; Wed, 10 Dec 1997 18:01:40 -0800 (PST) (envelope-from owner-freebsd-hackers) Received: from scanner.worldgate.com (scanner.worldgate.com [198.161.84.3]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA17310 for ; Wed, 10 Dec 1997 18:01:32 -0800 (PST) (envelope-from marcs@znep.com) Received: from znep.com (uucp@localhost) by scanner.worldgate.com (8.8.7/8.8.7) with UUCP id TAA09529; Wed, 10 Dec 1997 19:01:20 -0700 (MST) Received: from localhost (marcs@localhost) by alive.znep.com (8.7.5/8.7.3) with SMTP id TAA02272; Wed, 10 Dec 1997 19:01:39 -0700 (MST) Date: Wed, 10 Dec 1997 19:01:38 -0700 (MST) From: Marc Slemko To: Joerg Wunsch cc: freebsd-hackers@freebsd.org Subject: Re: I seriously need some networking help In-Reply-To: <199712110048.BAA09610@uriah.heep.sax.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 11 Dec 1997, J Wunsch wrote: > "J. Weatherbee - Senior Systems Architect" wrote: > > > I attempted making the firewall to router link a 192.168.x.x network, and > > using dual ip on it, unfortunately it interesting that the link gets > > published by traceroute for instance from the outside world. > > Sure, but that's only a cosmetical problem. I've seen 10.* > intermediate network addressess even on major Internet relays when > tracerouting. It should be totally acceptable for an endpoint > transient network. Nobody has any need to access the interfaces on > this network. So tell me what happens when the box that interface is on needs to send an ICMP message like can't fragment? What IP does it use? If it uses the private one, you lose. This does break things like PMTU-D.