On 1/15/10 2:36 PM, [email protected] wrote: >> 1. Question. >> Imagine a setup where I have /30 as wan ip and routed a /29 public ip >> net to >> that address.
This part is unclear. If your WAN interface uses a /30 prefix (255.255.255.252), then you are on a /30 subnet, not a /29 subnet. >> I have several lan-interfaces that I want to separate, so that every >> lan net >> will be natted through its own public ip. This can be true for only very small instances of "several": - with a /29 there are six valid hosts possible, one of which is your ISP's router - with a /30 there are two valid hosts possible, one of which is your ISP's router In the former case, yes, you can map each of five IP addresses on your WAN interface to some other address(es) on your protected interfaces. In the latter case, you have only one routable address. You still can map multiple services onto this address but you'd need different port numbers for each (to make up an example, you could map ports 2222, 12222 and 22222 to three different sshd servers on your protected network). dn >> If I have understood correctly, then I don't need to set up an >> interface >> with the public ip net, as long as I'm using "other" VIPs. >> Is that right? >> >> 2. Question. >> Imagine a setup where I have /30 as wan ip and routed a /29 public ip >> net to >> that address. >> I want to hand some of the public ips directly to servers, and I want >> to use >> some as virtual ips. >> If I have understood correctly, then I would set up an interface with >> the >> public ip net. But what vips will I use? >> >> Kind regards Anders > > > Please don't double post... you asked this question on Wed 1/13/2010 3:59 > AM. > > Best Regards, > Nathan Eisenberg > > Ok, But if you are able, I'll really appreciate your or someone else help. > > Kind regards, > Anders Dahl > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
