[nSLUG] Multiple IPs with Eastlink

Dop Ganger nslug at fop.ns.ca
Mon Feb 18 13:37:43 AST 2002


On Mon, 18 Feb 2002, mcurrie wrote:

> Eastlink has told me that they cannot map multiple IP addresses to one hwaddr.
>  I need to firewall 4 IP addresses from Eastlink and do not want to set up 4 
> firewalls.  I can't put more than one physical ethernet card on a subnet.  
> I've tried that, it doesn't work properly.  With MTT i used IP aliasing (eth0, 
> eth0:0, eth0:1, etc.) and it works beautifully.  I can't do this with Eastlink 
> because the hwaddr remains the same for each alias.

If I understand you correctly, you have 4 machines behind a firewall that
you want to have real IP addresses (as opposed to NAT'd addresses), but
you want to be able to do some type of firewalling to filter out unwanted
packets, yes? I suspect your best bet in this case would be to use
something like dhcping (http://www.mavetju.org/unix/general.php) to spoof
out a dhcp request from the firewall with the "right" MAC address. The
routing problems you're seeing may be because you need a dhcp request to
force a routing update, and without said update you don't get your route.

Alternatively you might want to have a play about with bridging, there's a
mini howto out there covering bridging and firewalling. That might be a
cleaner option if you're going to add more machines in the future.

Cheers... Dop.





More information about the nSLUG mailing list