From: Pawel Zawora <pzawora@interia.pl>
To: netfilter <netfilter@lists.netfilter.org>
Subject: Re: two subnets...
Date: Tue, 31 Jul 2007 21:28:35 +0200 [thread overview]
Message-ID: <46AF8D63.8080900@interia.pl> (raw)
In-Reply-To: <46AF4FC7.1000500@riverviewtech.net>
I need separate 3 foreign machines (security reason - firewall between
subnets is required).
I cannot divide one 128 pubic IPs subnet...
Foreign machines have to use public IPs....
Pawel
Grant Taylor wrote:
> On 07/30/07 05:31, Pawel wrote:
>> I need to remove 3 machines from one subnet (192.168.0.0/25) to new
>> physical subnet. I want to add new network card to my linux router
>> and create new subnet (192.168.0.96/29).
>
> Ok...
>
>> My issuse: I cannot touch any IPs of any machine ....
>
> Ah. Here in lies the rub.
>
>> how to do it? What is the best solution? (proxy arp, additional
>> routing table?)
>
> Do you really need a new subnet or just a new physical network? If
> the later is the case, add a new network card to the Linux router and
> bridge that new card with the old card that the computers were on.
> Once you have the bridge in place, move the IP address that was
> assigned to the old network card to the bridge interface. This will
> allow the old machines to function as they were as well as the
> machines that you moved. If you do not want the old machines to be
> able to talk to the ones that you moved, use an EBTables (Bridging)
> rule to block traffic from passing from the old NIC to the new NIC
> wile still allowing them to get to the router the way they need to.
>
> This works *GREAT*! I have used it a lot of places and have been very
> happy with the results.
>
>
>
> Grant. . . .
>
>
>
----------------------------------------------------------------------
Piekne kobiety wsrod samych swin!
Obejrzyj
>>>http://link.interia.pl/f1b18
next prev parent reply other threads:[~2007-07-31 19:28 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-30 10:31 two subnets Pawel
2007-07-31 15:05 ` Grant Taylor
2007-07-31 19:28 ` Pawel Zawora [this message]
2007-07-31 20:07 ` Grant Taylor
2007-07-31 22:40 ` Mike Wright
2007-07-31 23:28 ` Grant Taylor
2007-08-01 13:38 ` Maximilian Wilhelm
2007-08-01 14:04 ` Pascal Hambourg
2007-08-01 20:14 ` Pawel Zawora
2007-08-01 21:14 ` Grant Taylor
2007-08-01 22:44 ` Pawel Zawora
2007-08-02 1:11 ` Grant Taylor
-- strict thread matches above, loose matches on Subject: below --
2007-07-31 19:15 Pawel Zawora
[not found] <200708020115.l721FOEu011164@mail3.jubileegroup.co.uk>
2007-08-02 5:56 ` G.W. Haywood
2007-08-02 14:14 ` Michael P. Brininstool
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46AF8D63.8080900@interia.pl \
--to=pzawora@interia.pl \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox