>> From my understanding, you CANNOT MASQ out an aliased interface.
>> You must masq out eth0, eth1, etc. You can make the private
>> networks eth0:1, etc though.
>
>Why not? Is it not possible for some low level reason, or just
>because it can't handle aliases as written?
I beleive it is the latter.
>This is a serious problem, because a number of corporations have
>firewalls that only allow users to access web servers via port 80,
>and I need my extranet we servers to be behind a firewall.
Use multiple NICs. Using aliased interfaces is not an optimial
setup anyway.
>Using multiple NIC is not a scalable answer
Why not? You can get 4-port PCI NICs now. That and get a
server motherboard with 12 PCI slots and you are set.
>NAT doesn't meet my
>requirements (multiple machines behind *each* address)
Multiple machines behind each MASQ'ed address?
>FYI ipmasqadm doesn't seem to object to being asked to MASQ aliases.
But does it work?
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
