Vreme: 11/03/2011 11:16 AM, News piše:
Il 03/11/2011 3.34, Fajar Priyanto ha scritto:
Hi all, I haven't found anything in Google about this.
I'm creating a firewall router with Centos with few virtual IP using iptables.
May I ask for your experience? Is there any pitfall or bad side of using virtual IP for this purpose? I'm using few virtual IP to accommodate few subnets that go through this firewall/router.
I use shorewall for this http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html
+1
You also need to be sure what you want to do exactly. If subnets need to be behind hat firewall, but routed and not NATed, then you are not to use Virtual IP's, but to implement pass-through/routing. Virtual IP's are only used for NAT-ing, not for routing subnets.