[ previous ] [ next ] [ threads ]
 From:  Jesse Guardiani <jesse at wingnet dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Things to think about.
 Date:  Wed, 15 Dec 2004 09:04:53 -0500
Bruce A. Mah wrote:

> If memory serves me right, Chris Buechler wrote:
>> On Tue, 14 Dec 2004 15:38:13 -0800, Phill R Kenoyer <phill at bmg50 dot com>
>> wrote:
>> >
>> > WAN to LAN bridging.
>> > 
>> I second that.  It's silly to have to have an unused LAN interface on
>> strictly filtering bridge setups.  I'm sure it was done that way to
>> protect people from accidently doing something stupid and bridging
>> their LAN to the WAN, but that makes it really inconvenient when
>> setting up something like a filtering bridge at a colo.
> No, it was done that way because that's how I knew how to make it work.
> As m0n0wall stands right now, both the LAN and WAN ports need to have IP
> addresses assigned to them (for various reasons), and the "other side of
> the bridge" port needs to be unnumbered.  Thus the requirement for three
> interfaces.  If you can figure out how to remove at least one of these
> requirements, you'll be on your way.

Could someone with more knowledge than me on this subject list the various
reasons why the WAN and LAN interfaces require an IP? I'm pretty sure I
already know some of the reasons, but it would be nice to see them all.

Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)