On 23 Sep 2004, Mike Mestnik wrote: > --- Daniel Pittman <[EMAIL PROTECTED]> wrote:
[...] >> Just a quick question: are you sure you don't want to give those LAN >> machines a public IP address, and use standard IP forwarding? >> >> Others have suggested, of course, the use of the 'dnat' function with >> firehol to perform the address transformation. >> >> Also, note that using NAT means that accessing those public addresses >> within the LAN will not work without significant and annoying work on >> your part. > > Documented here: > http://wiki.debian.net/index.cgi?Firewalls-dnat-redirect > > Now that I think of it, there are some of the same problems with using > external IPs on an internel network. Though the default setup is working, > ok, and valid. Exactly which of the same problems do you see with using external IP addresses on the internal network? You see, as long as NAT is not involved, this is the way the Internet has worked since the introduction of IP, so whatever issues you think you see are ... difficult to imagine. If there is some description of the problem you see on that page in the wiki, I cannot locate it. I have, however, started to rewrite it to make it easier to find actual information in there. So, if you could spell out which problems you imagine would be encountered by not using NAT, that would be great. Regards, Daniel -- The length of a film should be directly related to the endurance of the human bladder. -- Alfred Hitchcock
