Hybrid firewall/router/bridge
Karl Fischer
karl.fischer@atlp.com
Wed, 22 Nov 2000 15:41:26 +0100
Kevin Jacobs wrote:
...
> Subnet1 <-------------------------> Router1 <--------
> 192.1.1.0/24 LAN 192.1.1.1 T1 \
> default gw=192.1.1.1 \
> "Internet"
> /
> /
> Subnet2 <-------------------------> Router2 <--------
> 192.2.1.0/24 LAN 192.2.1.1 T1
> default gw=192.2.1.1
what do you think about changing only ONE (1) IP-Address per subnet,
which would make life much easier ...
instead of doing
> The new topology:
>
> eth0 eth1
> Subnet1 <-----------> BOX1 <----------> Router1 <--------
> 192.1.1.0/24 LAN 192.1.1.2 LAN 192.1.1.1 T1 \
> gw=192.1.1.1 \
> "Internet"
> /
> eth0 eth1 /
> Subnet2 <-----------> BOX2 <----------> Router2 <--------
> 192.2.1.0/24 LAN 192.2.1.2 LAN 192.2.1.1 T1
> gw=192.2.1.1
I would try doing:
192.1.1.1 192.168.1.2
eth0 eth1
Subnet1 <-----------> BOX1 <----------> Router1 <--------
192.1.1.0/24 LAN LAN 192.168.1.1 T1 \
gw=192.1.1.1 \
"Internet"
192.2.1.1 192.168.2.2 /
eth0 eth1 /
Subnet2 <-----------> BOX2 <----------> Router2 <--------
192.2.1.0/24 LAN LAN 192.168.2.1 T1
gw=192.2.1.1
The ONLY thing you have to change with this setup is the INTERNAL
IP-Address of both routers, leaving everything else the same.
>From the client's side of view, the linux-box will replace the router.
That enables you to use the 192.168.x.x-Networks as transfer-net's
and work with real routing instead of bridging ...
Everthing else shouldn't be a problem after that ...
Regards
Karl