Quick question: assuming I can get a /24 public network, and have a private /24 address (quite densely occupied), does it have any advantages, from the firewall simplicity point of view, or should I go for a smaller network (say, /26)?
Some of the LAN machines need to have no access to the Internet or the LAN (zone 0), most LAN machines do, but would be happy with NAT (zone 1), and a few need to live in DMZ space, firewalled from the LAN (zone 2). I have 4 NICs and VLAN-capable switches, so I was planning to do that with VLANs and work with a /26 public IP network. Does this make sense, or should I try getting a public /24 network, if I can get it? Thanks.
