Answer the question
In order to leave comments, you need to log in
S
S
Sergey (you better not know :)2017-02-14 22:44:14
Sergey (you better not know :), 2017-02-14 22:44:14
How to use safely all addresses received from the provider?
Hey!
Radish providers are now in the habit of issuing subnets directly, and not routing them to the subscriber, that is, from the /29 subnet, the first address is assigned to the interface on their - provider - side, and I specify it as default gateway for the remaining five addresses at my disposal.
If the cable with the Internet came to my switch, then there would be no problem. But I want some security, at least some, and not to lose addresses.
So, the question is: how to fully hide the remaining addresses behind the firewall? In one case I have FreeBSD, in the other Cisco ASA.
I do not need configs, I would have an idea. Saw off / 30 not to offer, the task is not to lose addresses.
3 answer(s)
@EternalMaker
@Tabletko
@smithy1208
A
Andrew, 2017-02-15 @EternalMaker
I think you are looking for "filtering bridge".
For FreeBSD there are examples:
https://www.freebsd.org/doc/en_US.ISO8859-1/articl...
UPD: For Tsisok it seems to be called "Transparent Firewall Network"
D
Dmitry, 2017-02-14 @Tabletko
What's the problem? We start all addresses on the gateway / firewall and natim them inside. You can even natit 1:1.
V
Vladimir Kuznetsov, 2017-03-23 @smithy1208
Route remaining IPs to local IPs. On local machines, set up public IPs as secondary.
Similar questions
S
M
D
A
K
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question