[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Iptable NAT problem - ARP ?



In article <20040812142650.13397.qmail@web11906.mail.yahoo.com> 
cheako911@yahoo.com writes:
>IFIRC proxy_arp was/is replaced by dnat.  What you need is an IP in the
>same subnet as your external IP that you then use on your internel
>network.  When you turn on proxy_arp on your external interface it will
>pass all external arp requests onto your internal network and proxy any
>replys.  This allows for a "transparent router" aka a bridge.

DNAT and proxy-arp are differnt things sometimes used for similar
purpouses.  I use both on the same firewall.  A bridge is something
else again, that routes based on ethernet rather than ip headers and
does not add an ip hop to the traffic.
-- 
Blars Blarson			blarson@blars.org
				http://www.blars.org/blars.html
With Microsoft, failure is not an option.  It is a standard feature.



Reply to: