TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Firewalled subnet configuration?



I posted a more confusing version of this question earlier and thought I
would make a better attempt at it.  Hopefully, I have included only relevent
data.

For the sake of argument let's say that I have the following (made up IPs)
and I have to do it this way.  How can I configure my interfaces?

                  Subnet: 200.0.0.0/28
  IP Addresses available:  200.0.0.4 - 200.0.0.7 (public routable internet
addresses)

                  Internet
                     |
                     |
                -------------
               |   Router    |
               |  200.0.0.6  |
                -------------
                     |
                     |eth0
                     |
                -------------
               |   Firewall  |
               |  200.0.0.5  |
                -------------
                     |
                     |eth1
                     |
                -------------
               |             |
               |             |
          -----------   -----------
         |    WS1    | |    WS2    |
         | 200.0.0.4 | | 200.0.0.7 |
          -----------   -----------


A possible, but less desirable alternative would be:

                  Internet
                     |
                     |
                -------------
               |   Router    |
               |  200.0.0.6  |
                -------------
                     |
                     |eth0
                     |
                -------------
               |   Firewall  |
               |  200.0.0.7  |
                -------------
                     |
                     |eth1
                     |
                -------------
               |             |
               |             |
          -----------   -----------
         |    WS1    | |    WS2    |
         | 200.0.0.4 | | 200.0.0.5 |
          -----------   -----------


Does anybody know of a simple configuration for this setup?  Your help would
be greatly appreciated.

Tom Veldhouse
veldy@veldy.net