[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPNAT rdr from inside to static IPs?



On Sat, Aug 04, 2001 at 03:27:40PM -0400, Daniel Rubin wrote:
> Remi,
> 
> in hostname de0 you specify the netmask and that is why I included
> the /.29 below.  Are you saying I should have entries like this in
> my hostname.de0 file:
> 
> inet alias 1.2.3.27 255.255.255.255 NONE

Yes, aliases should have a netmask of 255.255.255.255, nothing else.
But wait...

> The .25 address on tun0 is my static IP end of the PPP dial-up link.
> That is why it is on tun0.

Ok. Btw, since it's a point-to-point link, the address on tun0 is by
definition a /32.

> The de0 NIC supports all of my static (internet valid) IP addresses
> even when the PPP link is not up.

If the PPP link is down you can't receive anything anyway... And your
internal network won't talk to them too since you will redirect these
IPs to your DMZ, whether the PPP link is up or down.

> The ISP routes all my static IP addresses to "my router" at .25.  So
> you are saying to take .25 off of de0?

If your ISP already routes all your /29 subnet to 1.2.3.25 then you
don't need any aliases anywhere.
And since 1.2.3.25 is your end of the PPP link, you don't need (and
should'nt have) .25 on de0.

It's perfectly legal to have a NIC without any IP. Just put "up" in
/etc/hostname.de0. And reboot because you probably have a funny
looking route table :)

-- 
Rémi



Visit your host, monkey.org