Subject: Re: question about ipf "fastroute"
To: None <tech-net@netbsd.org>
From: None <netbsd99@sudog.com>
List: tech-net
Date: 02/18/2003 12:10:11

On Thursday 13 February 2003 12:21, Andrew Brown wrote:
>
> the tricky bit is that it's an O(n^2) problem.  in order to make your
> default route into something you can flip-flop back and forth from
> interface to interface without breaking things, you need an ipf rule
> for each interface (for broadcast interfaces, that is, like ethernet,
> that describe how to reach the local subnet) and then one rule on each
> outside interface for each outside interface that describes how the
> traffic for each interface's address should move.

It's easier to just use a second machine: With two machines, you can have one 
webserver, one single fastroute rule, and on the second machine put simple 
ipnat forwarding for the port your server lives on. In this way, you don't 
have to fight with multiple default routes, don't have to fight with any 
external software, and you also don't have to worry about multiple dhcp 
servers fiddling around with each other's settings.