Date: Wed, 15 May 1996 18:55:51 -0600 From: Nate Williams <nate@sri.MT.net> To: Michael Smith <msmith@atrad.adelaide.edu.au> Cc: nate@sri.MT.net (Nate Williams), jmb@freefall.freebsd.org, questions@freebsd.org Subject: Re: Networking / Routing question Message-ID: <199605160055.SAA21095@rocky.sri.MT.net> In-Reply-To: <199605160103.KAA01009@genesis.atrad.adelaide.edu.au> References: <199605151947.NAA19867@rocky.sri.MT.net> <199605160103.KAA01009@genesis.atrad.adelaide.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael Smith writes: > Nate Williams stands accused of saying: > > > > > > Since I have two ethernet segments, I must have two different subnets, > > > > but I don't see any easy solution to the problem. It would be nice if I > > > > could use the ethernet segment as a point-point connection in this case > > > > (for latency & BW ethernet is the cheapest way to go). > > > > > > > > What would you suggest? > > > > > > use rfc-1918 addresses on the segment between the router and the > > > firewall. keep all your 32 ip addresses for your hosts. > > I was going to suggest this, until it occurred to me that it would be > impossible for the firewall to connect out through the router. (With a > default route set to the router, packets originating on the firewall > will have an unroutable source address, and responses will never come > back.) The 'firewall' is our main email gateway box, and will end up doing all of the 'ftp/www/dns/etc' service to the world. > If you are running any sort of proxy on the firewall, this won't work. > If not, then you win. Hmm, this *might* not be a win then. Any suggestions?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605160055.SAA21095>