[ previous ] [ next ] [ threads ]
 From:  Roman Yashin <romany at sseriga dot edu dot lv>
 To:  Manuel Kasper <mk at neon1 dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DMZ, bridging or routable subnet?
 Date:  Wed, 14 Sep 2005 09:01:06 +0300

I am sorry for the confusion. I guess it's just the way I've 
interpreted it. Thanks for clearing it up for me, and thank you for 
putting so much effort into m0n0wall.



On Sep 14, 2005, at 8:50 AM, Manuel Kasper wrote:

> On 14.09.05 08:22 +0300, Roman Yashin wrote:
>> Based on what read in the docs and some of Manuel's posts to the
>> list, seems like having a routable subnet for DMZ is NOT a good
>> idea, or am I missing something here?
> What? I don't think I ever said that. Using public IP addresses
> directly on the DMZ network (which I assume is what you mean) is
> indeed the best solution, as then you don't have to mess with NAT,
> bridging or proxy ARP and its peculiarities. But often people don't
> have enough public IP addresses to do this.
> - Manuel