A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Ryan Ferguson wrote: >ok, thank you, but I'm not sure that it'll work for this situation >will it?. I already have three interfaces in the machine because >there are two lans on separate subnets and some of the servers >cannot be located on the dmz with a public address cause they are >domain controllers. Is there a way I can keep the current lan >setups since some of them are also on xen machines running on the >lan? At work we have customers in that situation - not to mention ourselves. While it does lessen the protection from having a DMZ, you can dual-home those machines that need a presence in the LAN. The same goes for your Xen hosts. So for your Xen hosts you could have 2 or 3 NICs (and associated bridges) so they are on one or both lans in addition to the dmz. Then you can connect your guests to whichever network(s) they need. You do not need to give a Dom0 an address in order to put it on a network - so you can keep the host with just an address on the lan, but a physical presence in the dmz. For real hosts, it's a matter of having multiple NICs connected to the right networks. Depending on your scale, you could replace "multiple NICs" with "single NIC and VLAN trunking", but that's a bit more effort to manage and some people struggle to get their heads around VLANs. The alternative is to start using "host routes" and/or proxy-arp to 'pass-through' public IPs individually to hosts located on one or other lan - these hosts will need to have two IPs on an interface, one for the lan, one public. -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. ------------------------------------------------------------------------------ Why Cloud-Based Security and Archiving Make Sense Osterman Research conducted this study that outlines how and why cloud computing security and archiving is rapidly being adopted across the IT space for its ease of implementation, lower cost, and increased reliability. Learn more. http://www.accelacomm.com/jaw/sfnl/114/51425301/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
