> Steffen Weiberle wrote:
How many ways do you have to get to the internet? I hope two, since 10.0.0.0/24 will need one.


I am not able to picture your setup, however, take a look at

Maybe a better explanation of what I'm trying to accomplish would help.
This is my current setup which works well. The firewall does NAT so my public IP is translated to 10.0.0.2

   cable modem
        |
        |
   firewall(10.0.0.1)
        |
        |
      nic1 (10.0.0.2)
---bastion host----------
      nic2(192.168.0.100)
        |
        |
     switch
        |
        |
host1 host2 host3 host(n)
(all on 192.168.0.0/24)

Three public services run on the bastion host (dns, mail, webserver) and I thought I would introduce another level of security by moving these into zones but it has proven to be more difficult then I had anticipated because of the two subnets. All of my testing was done on a workstation with only network involved. All though I have limited experience with zones this seems like something that shouldn't be too difficult to set up.

--
 Robert W Hartzell
bear at rwhartzell.net
  RwHartzell.Net
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to