Re: Bridging and NAT

On Thu, Nov 07, 2002 at 07:35:31AM -0500, Jason Dixon wrote:
> The responder quickly flamed him for bridging and NAT'g at the same
> time, but I think he was having a brain fart.  Isn't it conceivable to
> support a configuration like this, where you'd want to filter incoming
> traffic across a transparent bridge, while also NAT'g for your internal
> network?  Or am I just too damn tired and missing something?
I don't see why the setup he suggested wouldn't work out of the box. As
long as both the external interface and the internal one for the NATed
clients have IP addresses assigned, IP forwarding is enabled, default
gateways set on clients and firewall, etc. it should just work.
He's not suggesting adding that internal interface to the bridge, after
all. And if the external interface has an IP address assigned, it will
work as expected, even if it is part of a bridge. The bridge detects
packets directed to the bridge itself, and hands them to the stack.
This is one of those cases where it's easier to try than to speculate :)