I'm embarrassed to ask such a simple question. Since 3.4 I've been running PF
firewalls, but mostly for very small networks with 32 or fewer external
addresses. I always assigned my external IPs to my external interface and then
did NAT or bi-NAT.
Now I'm building firewalls for much larger
On 01/25/2011 01:30:45 PM, Brian Keefer wrote:
I'm embarrassed to ask such a simple question. Since 3.4 I've been
running PF firewalls, but mostly for very small networks with 32 or
fewer external addresses. I always assigned my external IPs to my
external interface and then did NAT or
On Jan 25, 2011, at 12:15 PM, Karl O. Pinc wrote:
On 01/25/2011 01:30:45 PM, Brian Keefer wrote:
Now I'm building firewalls for much larger networks with /25 of
external IPs. They will all be either static or dynamic NAT, so
proxy-ARP doesn't seem like the way to go. Do I absolutely have
