shorewall-users November 2010 archive
Main Archive Page > Month Archives  > shorewall-users archives
shorewall-users: Re: [Shorewall-users] Dealing with multiple pub

Re: [Shorewall-users] Dealing with multiple public IP's

From: Tom Eastep <teastep_at_nospam>
Date: Fri Nov 19 2010 - 16:34:26 GMT
To: shorewall-users@lists.sourceforge.net

On 11/19/10 3:32 AM, Stephen Brown wrote:
> I've just ordered a Comcast business class connection with 5 static IP
> addresses.
>
> Reading over the aliased interfaces documentation, I'm not real clear on
> what to do with /etc/shorewall/interfaces (if anything).

/etc/shorewall/interfaces is independent of the number of IP addresses
on the interface. I have Comcast business class with 5 static IPs, three
of which are configured on my external interface:

gateway:~# ip -4 addr ls dev eth1
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc tbf state
UNKNOWN qlen 1000
    inet 70.90.191.121/29 brd 70.90.191.127 scope global eth1
    inet 10.1.10.11/24 brd 10.1.10.255 scope global eth1:3
    inet 70.90.191.122/29 brd 70.90.191.127 scope global secondary eth1:1
    inet 70.90.191.123/29 brd 70.90.191.127 scope global secondary eth1:2
    inet 70.90.191.124/29 brd 70.90.191.127 scope global secondary eth1
    inet 70.90.191.125/29 brd 70.90.191.127 scope global secondary eth1
gateway:~#

My Comcast business class router is configured with it's LAN interface
as 10.1.10.0/24 (the default), so 10.1.10.11 is the primary address. The
top three public IP addresses are statically configured while the last
two are added when their corresponding Linux-vservers are started.

This the /etc/shorewall/interfaces entry for my external interface:

net COM_IF detect \
dhcp,optional,routefilter=0,logmartians,proxyarp=0,physical=$COM_IF,nosmurfs,upnp

Where /etc/shorewall/params contains:

COM_IF=eth1

-Tom
------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today
http://p.sf.net/sfu/msIE9-sfdev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

-- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today
http://p.sf.net/sfu/msIE9-sfdev2dev

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users