Firewall and proxy arp
I'm installing a debian firewall in my office network and I have some
questions. I'll try to explain my office network: I have a router and
some public ip addresses (say 8); I also have a switch directly
connected to the servers and the internal router's interface. Yes, I
know it's risky... I'm working on it;)
I want to insert a firewall between the servers and the router, of
course.
Moreover I want the ip addresses on the servers to be real public IPs
(no 1-1 nat or similar things).
I have only 8 IPs, so I can't do subnetting.
I think proxy arp is the best solution in my case.
BUT I want to connect different servers on different interfaces on the
firewall. Something like
Router
Firewall
Server1 Server2 Server3
but server1, server2 and server 3 needs to be on a different firewall's
interface.
Please help me explaining my mistakes.
I think I have to:
° enable proxy arp an all the internal firewall;
° assign a public ip address to the external firewall's interface;
° assign a fake ip address to all the internal interfaces;
° delete the routing table;
° set an host router for each server with the correct interface;
° set the host route for the router on the external intercae;
° set the default gateway via that router;
° drink a coffee.
Am I right? Will all work as expected? Can I use only one public IP on
the firewall?
What about server1 trying to contact server2? Will it work?
Sorry for my poor english and many many thanks in advance.
Radel
Reply to: