Well I was part of that earlier discussion in May when I FINALLY
go PacHell to actually get my line operational... I've also got the Enhanced
DSL package with the /29 subnet... I still don't have my network topography
like I want it because of the fact that the one IP from the /29 is on their
side which is used for the default gateway on our side... Really just wish
they'd setup a /30 P-t-P addressing schema over the DSL and then allow you
the full use of the /29 for your side giving you 6 IPs instead of 5 as that
would make the situation a whole lot easier...
I've been thinking about using a Bridging-firewall technique but
have been short on finding good documentation on it... If anyone else has
found some good sources of info on this I'd be very apprecitive to recieve
a link to the data... Also if there is any interrest by people in the
South Bay area to possible get together and try brainstorming this I have
a 4'x8' whiteboard on the wall at my "office" (read: spare bedroom) and
try to keep the dry bar stock'd as best as possible...
Respectfully,
Jeremy T. Bouse
Michael Perry was said to been seen saying:
> I had some issues posting to the list earlier and ended up reading some
> list archives around public Ip addresses in dmz and small subnet
> routing in these exchanges
>
> http://lists.debian.org/debian-firewall-0105/msg00055.html
>
> I actually just got IP assignments from my ISP to bring up a webserver
> because I did not want to alias port 80 traffic internally (although I
> tested and could to this quite easily). My setup could be:
>
> external network
> |
> eth0
> ------------- |
> 198.144.206.45|eth1
> |----------------------------- -|
> 192.168.0.x |198.144.195.178-82 199.144.195.178
> --------------- (netmask 255.255.255.248) (webserver)
> eth2 {default route 198.144.195.177)
> |
> intl network
>
> The existing example showed the dmz being on the same subnet as the
> external address. Mine is not that way. I will have 4 other IP
> addresses that I won't use.
>
>
> --
> Michael Perry | "Do or do not; there is no try" Master Yoda
> mperry@lnxpowered.org | http://lnxpowered.org (soon to come)
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
--
,-----------------------------------------------------------------------------,
|Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC - www.UnderGrid.net |
| Public PGP/GPG fingerprint and location in headers of message |
| If received unsigned (without requesting as such) DO NOT trust it! |
| jbouse@Debian.org - NIC Whois: JB5713 - Jeremy.Bouse@UnderGrid.net |
`-----------------------------------------------------------------------------'
Attachment:
pgp58d8vAufmQ.pgp
Description: PGP signature