Re: Proxy arp or bridge ?
ipmasquerading?
----- Original Message -----
From: "Daniel Faller" <Daniel.Faller@physik.uni-freiburg.de>
To: <debian-security@lists.debian.org>
Sent: Tuesday, July 03, 2001 2:21 AM
Subject: Proxy arp or bridge ?
> Hi,
>
> sorry if this is a little bit off topic:
>
> I am supposed to set up a firewall for ~ 60 PC's belonging to a part of a
> subnet.
>
> As far as I have understood there are (at least) 2 possibilities for such
a
> setup.
> - Use proxy arp, and set a route for every PC behind the firewall
> - Configure the firewall as bridge
>
> I would prefer the proxy arp solution, but this would imply to set up 60
> routes, if I am correct. Would this be a performance problem ?
> The firewall will be a pentium 133, kernel 2.4.5, with 2Intel Ether
Express
> cards.
>
> So, my question:
>
> - Any opinions about which would be the best (easy to setup and maintain)
> most secure or fastest (in terms of network speed) solution ?
>
> - Is there an easier solution then to set up a route for every ip, when
the
> ip's are part of a larger subnet and not continuous ?
> And how will performane decrease as a function of the number of routes ?
>
> Any hints apprechiated.
>
>
>
> Daniel
>
>
> _____________________________________________
> Daniel Faller
> Fakultaet fuer Physik
> Abt. Honerkamp
> Albert-Ludwigs-Universitaet Freiburg
>
> Tel.: 0761-203-5875
> Fax.: 0761-203-5967
> e-mail: Daniel.Faller@physik.uni-freiburg.de
> URL: http://webber.physik.uni-freiburg.de/~fallerd
>
>
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
Reply to: