On 05/16/2011 02:33 PM, Tom Eastep wrote: > On 05/16/2011 02:28 PM, Tom Eastep wrote: >> On 05/16/2011 02:16 PM, Douglas Hammond wrote: >>> Sorry the first subnet is >>> >>> x.x.57.53/29 >>> >>> I believe the ISP is routing both assigned subnets to x.x.57.7. >>> >>> Is it best to just alias the dmz interface and route? >>> eg eth2 x.x.57.54 and eth2:0 x.x.114.114? >>> >>> By reading the setup guide proxy arp looked like it may be easier. It >>> looks like I could just assign and unused local subnet to eth2 and put all >>> my dmz hosts for both assigned subnets on it. >>> >> >> Do nothing except enable routing! Thats *all* you need to do. > > Rather 'enable forwarding'. Give eth2 one of the addresses in your /29 > and then the hosts attached to that interface can have the other 5 IP > addresses in that network.
Although if eth2 is your network-facing NIC, you might want to use another NIC for your x.x.114.114/29 net -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
