Hi Tom
Just a quick and dirty https://www.dropbox.com/s/d870c1r2k7ll4dv/brouter.png
eth1 has public IPs on the new firewall in the same range as the current
firewall connected to the bridge (nic eth2) on the new firewall.
2014-05-13 22:34 GMT+02:00 Tom Eastep <[email protected]>:
> On 5/13/2014 7:39 AM, Lars Erik Dangvard Jensen wrote:
> > Hi list
> >
> > We need to put a switch in front of our current firewall to connect our
> > current firewall and a new firewall at the same time, each firewall goes
> > to its own racks.
> >
> > Instead of powering up a separate hardware switch I was thinking of a
> > brouter since we're not going to use 24 or 48 ports in a switch.
> >
> > We have a set of public IP addresses which on the figure
> > http://shorewall.net/bridge-Shorewall-perl.html#bridge-router are
> > positioned much like 192.0.2.x range with our current firewall
> > configured with all public IP addresses DNAT'ing to a DMZ in the yellow
> > area.
> >
> > The idea is to have our ISP uplink and current firewall with public IPs
> > configured connect to a bridge on our new firewall, both firewalls with
> > public IP addresses in the same range.
> >
> > So I would like to have eth1 on the new firewall DNAT to a DMZ in the
> > green area alongside our current firewall DNAT to a DMZ in the yellow
> > area with IP addresses in the same public IP range.
> >
> > My question is how eth1 is connected to br0, is it connected like a
> > normal hardware switch, if not how can I connect eth1 to br0 ?
>
> I am not at all clear about what you want to do. Can you please provide
> a diagram with addresses?
>
> Thanks,
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
> ------------------------------------------------------------------------------
> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
> Instantly run your Selenium tests across 300+ browser/OS combos.
> Get unparalleled scalability from the best Selenium testing platform
> available
> Simple to use. Nothing to install. Get started now for free."
> http://p.sf.net/sfu/SauceLabs
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
--
Med venlig hilsen / Best regards
Lars E. D. Jensen - DCmedia Hosting
Blangstedgårdsvej 8, DK-5220 Odense SØ
+45 8888 7890 (direkte)
[email protected]
https://www.dcmediahosting.com
http://www.linkedin.com/in/larsedj
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
