Re: OT: Advice on network setup

[Douglas Guptill <dguptill@accesswave.ca>]

On Fri, Jan 31, 2003 at 10:13:29AM +1100, Lucas Barbuto wrote:

>         - Is there any other advice anyone can give me on this setup?

Yes.  Read on.

>           I'm mostly concerned about how to assign IPs and route
>           traffic.  Especially the external and internal IP for the
>           router.

Point 1.
--------

> I've been given the task of
> installing a firewall router in a data-centre that will sit in front of
> a bunch of co located machines.

You should be concerned with what the goals are for the firewall.

Why do I say this?

Everyone knows what a bulldozer is, right?  So if the boss says go out
and buy a bulldozer, no problem, right?   Just go down to the local
Caterpillar dealer and buy one.  That is where your problems will start.
Bulldozers come in all sizes and prices, from ones that you can carry 
around in the back of your pickup truck, to ones that need a semi-trailer.
Which one do you get?

Everyone knows what a firewall is, right?  :-)


Point 2.
--------

>From what you say, it appears that you may need to refresh your
knowledge of sub-networking.  What you are proposing in the diagram
(very nicely done, BTW) will not work, In My Humble Opinion.

What will work?  What configuration do I reccommend?  That depends 
*very* much on what you want to achieve by installing a firewall.

In particular, do you want/need to maintain the visibility of
the co-located hosts with their public IPs?

> Thanks in advance,

I hope you still feel that way.  :-)

Regards,
Doug.