,,Forwardowanie IP'' za NAT

[Tomasz Pala]

On Mon, Jul 25, 2005 at 14:42:40 +0200, Andrzej Krzysztofowicz wrote:

> > It's easier, but you waste adresses for gateway, network and broadcast.
> 
> No, I don't.
> Hint: use routing to a single host, not full network.

In case you've got one range and must assign one of it's public
addresses to the router anyway. But it's common to get one link /30 and
the rest in /27. How to set gateway on client with address from /27 not
having this range on any interface? E.g.

router: 1.1.1.2/30 - world
	10.0.0.0/24 - local

2.2.2.0/27 - 32 clients

> > about using /32 masks - anyone has some experience?

The problem is it'll be dozen intefaces on 20 machines and hundreds of
clients, too much to set all the routes by hand (or wasting ~50 ifaces
for 3 IPs=150, 3.5% of available address space) and struggling with tc
queues, so:

> And either:
> - configure routing to X.Y.Z.10 via X.Y.Z.1 on any host in X.Y.Z.0/24 on eth0
>   that needs the routing (especially the gw, X.Y.Z.254), or

Can OSPF or iBGP set it NOT runing on client machine, only in backbone?

> - configure proxy arp on X.Y.Z.1 machine (to respond on arp requests for
>   X.Y.Z.10 on eth0)

Is proxy arp safe in large ethernet segments?

I'm not quite sure if NAT isn't simplier method...

1. simple routing: I can divide IPs on per-router basic and don't care
if there's only 1 IP on interface or 32 and how many interfaces there
is - all the interfaces consume common allocation,
2. client gets his local IP from DHCP, don't have to manually set second
one (many of them wants to use neighborhood and other network trash),
has direct (switch) access to other machines in LAN, so doesn't bother
our router to carry it's traffic,
3. I can forget about public IPs in QoS.

Disadvantages:
1. it must be explained to clients, that they do have public IP,
2. above is not true if he wants to use AH.

-- 
GoTaR <priv0.onet.pl->gotar>        http://vfmg.sourceforge.net/
                                    http://tccs.sourceforge.net/