> interface itself? Perhaps that's the wrong approach. > Do I need WAN/LAN bridging? Something else?
Start subnetting, create a /29 for the external untrusted interface(s) + vips. Take the remainder and salt and pepper amongst dmz interfaces as required. If you're going to use vlans, do not mix zones of trust on the same switch. Greg
