Subject: Re: Transparent Firewall w/ NetBSD
To: Jon Lindgren <jlindgren@espus.com>
From: David Brownlee <abs@netbsd.org>
List: netbsd-help
Date: 07/18/2000 14:59:49

On Tue, 18 Jul 2000, Jon Lindgren wrote:

> Imagine I have a dsl line, and my dsl provider gives me 10 static IPs, and
> furthermore, the DSL doesn't route IP traffic - it bridges it (this is typical
> where I am - every DSL implementation I've seen so far is bridged; even
> those which provide ciscos or netopias are actually bridged).
> 
> Now, since I have no control over the routes on their network, I can't
> implement a BSD box which routes and firewalls; this would require
> the provider to use that box as the gateway for my 10 static IP
> addresses.  In other words, I'm stuck on a flat topology.
> 
	Not really - you can set up IP aliases on the external interface
	of the NetBSD box, and set up appropriate NAT rules to map your
	internal addresses to your external ones. It allows you to play
	extra games with changing the mappings as and when you want.

> Solution: a bridging firewall.

	One solution - good use of NAT is another one.


                David/absolute
			       -- www.netbsd.org: A pmap for every occasion --
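
The approach described in the reply above (IP aliases on the external interface plus one-to-one NAT), as an added example that is not part of the original message: a shell script that turns a mapping table into the alias commands and NAT rules. It assumes IPFilter's ipnat(5) `bimap` rules (the message names no NAT tool), an external interface called `fxp0`, and constructed documentation/private addresses.

```shell
#!/bin/sh
# Added example: generate NetBSD ifconfig alias commands and ipnat(5) bimap
# rules from an "internal external" mapping table.
EXT_IF=fxp0   # assumption: name of the external (DSL-facing) interface

# Constructed sample mapping, one "internal external" pair per line.
SAMPLE_MAP='192.168.1.10 203.0.113.10
192.168.1.11 203.0.113.11
192.168.1.12 203.0.113.12'

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# Read pairs on stdin; print alias commands ($1=alias) or NAT rules ($1=nat).
# Fails on malformed addresses and on an external address used twice,
# because a bimap rule must be one-to-one.
gen_rules() {
    kind=$1; seen=""
    while read -r inside outside; do
        [ -n "$inside" ] || continue
        if ! is_ipv4 "$inside" || ! is_ipv4 "$outside"; then
            echo "bad mapping: $inside $outside" >&2; return 1
        fi
        case " $seen " in
            *" $outside "*) echo "duplicate external: $outside" >&2; return 1 ;;
        esac
        seen="$seen $outside"
        case "$kind" in
            alias) echo "ifconfig $EXT_IF inet $outside netmask 255.255.255.255 alias" ;;
            nat)   echo "bimap $EXT_IF $inside/32 -> $outside/32" ;;
        esac
    done
}

printf '%s\n' "$SAMPLE_MAP" | gen_rules alias   # commands to run at boot
printf '%s\n' "$SAMPLE_MAP" | gen_rules nat     # lines for the ipnat rules file
```

Changing a mapping later means editing the table and regenerating both outputs, so the aliases and the NAT rules stay in step.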