Subject: Re: Firewalling made difficult
To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
From: Paul B Dokas <dokas@cs.umn.edu>
List: tech-net
Date: 08/04/1999 18:18:31
On Wed, 4 Aug 1999, Michael Richardson wrote:
> 
>   Most basic way is to give these machines aliases which are their 10.x
> addresses and do, 
> 	"route add -host A.B.C.Q 10.0.0.Q"
> and:	"arp -s FI:RE:WA:EX:TE:RN A.B.C.Q"
> 
>   on the firewall. Then just set up normal firewall rules. It has been
> a while since I tried to do this.
>   The alternative is that you need to do real bridging.
> 
>   One trick is going to be making sure that the internal machines use their
> external address when talking to the world.

My understanding of the "bimap" directive is that it does just this (makes
sure that the internal machines always get mapped to their proper external address).
Also, I just found out today that the "arp -s FI:RE:WA:EX:TE:RN A.B.C.Q" is
probably needed for "bimap" to work.  If the ARP entry is not there, then
the external router (the ADSL modem in my case) will not get any responses
to WHOHAS ARP packets.

Paul
--
Paul Dokas                                            dokas@cs.umn.edu
======================================================================
Don Juan Matus:  "an enigma wrapped in mystery wrapped in a tortilla."
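The setup discussed in this thread (a host route plus a published ARP entry on the firewall, and an ipnat bimap rule for each internal host) as an added example; this is not part of the original mail. The script only prints the commands so they can be reviewed before being run as root. The interface name ext0, the external prefix 192.0.2, the internal prefix 10.0.0, the MAC address and the host list are all constructed placeholders; the arp(8) argument order and the "pub" flag follow the NetBSD manual page, and the bimap line follows ipnat(5).

```shell
#!/bin/sh
# Added example: emit the per-host commands that let internal 10.x hosts be
# reached at, and appear as, their external addresses through the firewall.
# All values below are constructed placeholders, not taken from the thread.

EXT_IF=ext0                 # assumed: firewall's external interface
FW_MAC=00:00:5e:00:53:01    # assumed: MAC of that interface (documentation range)
EXT_NET=192.0.2             # assumed: the "A.B.C" external prefix from the thread
INT_NET=10.0.0              # assumed: the internal prefix from the thread
HOSTS="10 11 12"            # constructed: last octet Q shared by both addresses

# gen_host_rules Q: the three lines needed for one host.
#  1. route(8): packets for the external address go to the internal one.
#  2. arp(8) with "pub": the firewall answers ARP who-has requests for the
#     external address on the outside segment, so the upstream router
#     (the ADSL modem in the thread) can deliver to it.
#  3. ipnat(5) bimap: bidirectional 1:1 NAT so the host is always seen
#     as its external address when it talks to the world.
gen_host_rules() {
    q=$1
    printf 'route add -host %s.%s %s.%s\n' "$EXT_NET" "$q" "$INT_NET" "$q"
    printf 'arp -s %s.%s %s pub\n' "$EXT_NET" "$q" "$FW_MAC"
    printf 'bimap %s %s.%s/32 -> %s.%s/32\n' "$EXT_IF" "$INT_NET" "$q" "$EXT_NET" "$q"
}

# gen_all: rules for every host. The route/arp lines are run on the
# firewall; the bimap lines belong in ipnat.conf.
gen_all() {
    for q in $HOSTS; do
        gen_host_rules "$q"
    done
}

# count_rules: sanity check that every host produced exactly three lines
# (a missing arp line is the failure mode described in the reply).
count_rules() {
    gen_all | wc -l | tr -d ' '
}

gen_all
```

The published ARP entry can be confirmed afterwards with `arp -an`, which lists proxy entries as published.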