[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: newbie advice question - pf in front of multiple comps...



On Dec 1, 2004, at 10:59 AM, b h wrote:

however, someone at my work wants me to install a
firewall at a colo site - in front of say, six
machines, all with public internet routable
addresses...

so - I know this is likely a really stupid question,
but how do I manage this?  does the firewall have a
bunch of aliased IP addresses and rdr respectively to
private addresses behind?  is bgp (I know nothing
about yet) something that I need/should be using?

You want a bridge. It operates at layer 2, so there's no translation occurring.


http://www.openbsd.org/faq/faq6.html#Bridge

Pay special attention to the section "Filtering on a bridge".

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net