From: Pawel Zawora <pzawora@interia.pl>
To: netfilter <netfilter@lists.netfilter.org>
Subject: Re: two subnets...
Date: Tue, 31 Jul 2007 21:28:35 +0200 [thread overview]
Message-ID: <46AF8D63.8080900@interia.pl> (raw)
In-Reply-To: <46AF4FC7.1000500@riverviewtech.net>
I need separate 3 foreign machines (security reason - firewall between
subnets is required).
I cannot divide one 128 pubic IPs subnet...
Foreign machines have to use public IPs....
Pawel
Grant Taylor wrote:
> On 07/30/07 05:31, Pawel wrote:
>> I need to remove 3 machines from one subnet (192.168.0.0/25) to new
>> physical subnet. I want to add new network card to my linux router
>> and create new subnet (192.168.0.96/29).
>
> Ok...
>
>> My issuse: I cannot touch any IPs of any machine ....
>
> Ah. Here in lies the rub.
>
>> how to do it? What is the best solution? (proxy arp, additional
>> routing table?)
>
> Do you really need a new subnet or just a new physical network? If
> the later is the case, add a new network card to the Linux router and
> bridge that new card with the old card that the computers were on.
> Once you have the bridge in place, move the IP address that was
> assigned to the old network card to the bridge interface. This will
> allow the old machines to function as they were as well as the
> machines that you moved. If you do not want the old machines to be
> able to talk to the ones that you moved, use an EBTables (Bridging)
> rule to block traffic from passing from the old NIC to the new NIC
> wile still allowing them to get to the router the way they need to.
>
> This works *GREAT*! I have used it a lot of places and have been very
> happy with the results.
>
>
>
> Grant. . . .
>
>
>
----------------------------------------------------------------------
Piekne kobiety wsrod samych swin!
Obejrzyj
>>>http://link.interia.pl/f1b18
next prev parent reply other threads:[~2007-07-31 19:28 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-30 10:31 two subnets Pawel
2007-07-31 15:05 ` Grant Taylor
2007-07-31 19:28 ` Pawel Zawora [this message]
2007-07-31 20:07 ` Grant Taylor
2007-07-31 22:40 ` Mike Wright
2007-07-31 23:28 ` Grant Taylor
2007-08-01 13:38 ` Maximilian Wilhelm
2007-08-01 14:04 ` Pascal Hambourg
2007-08-01 20:14 ` Pawel Zawora
2007-08-01 21:14 ` Grant Taylor
2007-08-01 22:44 ` Pawel Zawora
2007-08-02 1:11 ` Grant Taylor
-- strict thread matches above, loose matches on Subject: below --
2007-07-31 19:15 Pawel Zawora
[not found] <200708020115.l721FOEu011164@mail3.jubileegroup.co.uk>
2007-08-02 5:56 ` G.W. Haywood
2007-08-02 14:14 ` Michael P. Brininstool
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46AF8D63.8080900@interia.pl \
--to=pzawora@interia.pl \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.