On Fri, Nov 4, 2011 at 6:59 AM, John R Pierce pierce@hogranch.com wrote:
On 11/02/11 7:34 PM, Fajar Priyanto wrote:
I'm creating a firewall router with CentOS with a few virtual IPs using iptables.
May I ask for your experience? Is there any pitfall or bad side of using virtual IPs for this purpose? I'm using a few virtual IPs to accommodate a few subnets that go through this firewall/router.
Now, when you say 'virtual IP', do you mean alias IPs on your WAN (outside) interface(s), or multiple private subnets on the LAN (inside) interface(s)? None of those are 'virtual' in any sense I'd use that adjective.
Hi John, thanks for asking.
My firewall setup is like this:
Physical NIC:
eth0 - to outside world
eth1 - to LAN
There is masquerading on eth0 so the LAN can go to the internet.
Now, I'm adding some virtual interfaces eth1:0, eth1:1... and so on to accommodate new subnets created in the LAN.
My concern comes from this question... how is the MAC addressing handled (by the switches and the OS)? Because wouldn't eth1:0, etc. be sharing the same MAC address as eth1? Will there be any problem or confusion in the network?
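
The setup described in this thread, written out as an added example (not from any poster in the thread): a script that emits an iptables-restore ruleset for NAT and forwarding, matching each subnet by source address on the real device, because netfilter does not treat alias labels such as eth1:0 as interfaces. The interface names follow the thread; the subnets, the function names and the log prefix are constructed for illustration.

```shell
#!/bin/sh
# Added example: ruleset generator for a router whose LAN NIC carries several
# subnets as alias addresses (eth1:0, eth1:1, ...). Subnets are sample values.
WAN_IF=eth0
LAN_IF=eth1
LAN_SUBNETS="192.168.1.0/24 192.168.10.0/24 192.168.20.0/24"

# Shape check only (octet ranges are left to iptables): reject any character
# outside digits, dots and slash so no extra rule text can be smuggled in.
valid_cidr() {
    case $1 in *[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# gen_ruleset WAN LAN SUBNET...  -> ruleset on stdout, non-zero on bad input
gen_ruleset() {
    wan=$1; lan=$2; shift 2
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad subnet: $net" >&2; return 1; }
    done
    echo '*nat'
    echo ':POSTROUTING ACCEPT [0:0]'
    for net in "$@"; do
        # Masquerade only known LAN sources leaving through the WAN NIC.
        echo "-A POSTROUTING -s $net -o $wan -j MASQUERADE"
    done
    echo 'COMMIT'
    echo '*filter'
    echo ':FORWARD DROP [0:0]'
    echo '-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT'
    for net in "$@"; do
        # Match the real device plus the source subnet; "-i eth1:0" would
        # never match because an alias label is not a network device.
        echo "-A FORWARD -i $lan -o $wan -s $net -j ACCEPT"
    done
    # Routed traffic between the subnets enters and leaves on the same NIC.
    # Log it (rate limited) before the DROP policy discards it.
    echo "-A FORWARD -i $lan -o $lan -m limit --limit 5/min -j LOG --log-prefix \"lan-cross-subnet: \""
    echo 'COMMIT'
}

# Print the ruleset for review (word splitting of LAN_SUBNETS is intended).
gen_ruleset "$WAN_IF" "$LAN_IF" $LAN_SUBNETS
```

The output covers NAT and FORWARD only and can be checked with `iptables-restore --test` before it is merged with the host's INPUT rules. Because the alias subnets share one broadcast domain and one MAC address on eth1, these rules govern only traffic that is routed through the box.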