DHCP and 169.254 / solved
Anders Peter Fugmann
email hidden
Fri Jan 20 21:12:53 CET 2006
Paolo Prandini wrote:
> Now I have another problem; I have a network card with multiple addresses
> but they don't belong to the same subnet ; the practical problem is a
> router that can be spoken with only using a private address but on a
> public interface. So on the same interface I have public addresses and
> a private address like 192.168.1.1
You should never share both public and private traffic on the same wire.
This is why FIAIF is not designed to handle this - And it cant in a
secure manner.
> Up to here no problem. But when fiaif enters the picture there is a
> nasty effect: all packets exiting the interface have the public address
> even if I am targeting the private subnet! If I do "fiaif stop" then the
> correct behaviour is reinstated. Of course in the zone I set both addresses
> and subnets, in fact the packets are not rejected. Simply the output is
> always coming from the primary address.
>
> What can I possibly do?
You should consider adding another network card to your Linux box, and
let it act as a router.
Also a more detailed description of what the Linux box with FIAIF is
supposed to do would be nice. Are your Linux box acting as a router for
other machines connected on the same wire as the DSL modem? If this is
the case, then I would stringly reccommend against it. Its insecure and
kills performance.
>
> Thanks a lot!
> Paolo
Regards
Anders Fugmann
More information about the fiaif
mailing list