Vreme: 11/03/2011 11:16 AM, News piše: > Il 03/11/2011 3.34, Fajar Priyanto ha scritto: >> Hi all, >> I haven't found anything in Google about this. >> >> I'm creating a firewall router with Centos with few virtual IP using iptables. >> >> May I ask for your experience? >> Is there any pitfall or bad side of using virtual IP for this purpose? >> I'm using few virtual IP to accommodate few subnets that go through >> this firewall/router. > > I use shorewall for this > http://www.shorewall.net/Shorewall_and_Aliased_Interfaces.html +1 You also need to be sure what you want to do exactly. If subnets need to be behind hat firewall, but routed and not NATed, then you are not to use Virtual IP's, but to implement pass-through/routing. Virtual IP's are only used for NAT-ing, not for routing subnets. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant