Re: newbie advice question - pf in front of multiple comps...

On Dec 1, 2004, at 10:59 AM, b h wrote:

however, someone at my work wants me to install a
firewall at a colo site - in front of say, six
machines, all with public internet routable

so - I know this is likely a really stupid question,
but how do I manage this?  does the firewall have a
bunch of aliased IP addresses and rdr respectively to
private addresses behind?  is bgp (I know nothing
about yet) something that I need/should be using?

You want a bridge. It operates at layer 2, so there's no translation occurring.


Pay special attention to the section "Filtering on a bridge".

