On Thu, Jul 01, 1999 at 08:34:53AM -0700, Stuart Marshall wrote: > The current network looks like: > X.Y.(116 or 12).xxx > upstream router ------------------ switched_hub ---- local_machine_a > X.Y.116.254 || \___ local_machine_b > X.Y.12.254 (alias) switched_hub ---- .... > || > .... > > > I would like it to look like: > > > upstream router ------ firewall -- switched_hub ---- local_machine_a > X.Y.116.254 || \___ local_machine_b > X.Y.12.254 (alias) switched_hub ---- .... > || > ....
the easiest and most straight-forward way, is to get the upstream router to route everything for your networks through your firewall's IP (ie. they do: route add -net x.y.116.0 gw your.firewall.ip) no fancy firewall rules or ARP trickery (the proxy arp method won't need help from upstream, but won't scale well if you have lots of machines) -- - Gus
