Firewall Wizards mailing list archives
Re: Internet accessible screened subnet - use public orprivateIPs?
From: Victor Williams <vbwilliams () neb rr com>
Date: Fri, 22 Jul 2005 22:33:50 -0500
I've seen the interesting issues as well. But in 90+% of the networks I deal with, I don't find those issues. It's only when myself and the admin I'm working with has 20 services in the DMZ that needs to be provided publicly, but their ISP has only given them a /29 subnet to use that my head starts to hurt.
My overall point was, if you have the $ for IP addresses or already have them, it's discretionary...it's up to you to use NAT or not. If you don't have the IP addresses to spare, then sometimes you have to get creative. I guess I didn't see the issue as more/less work, or routing/not routing if you knew what you were doing...it just becomes preference of implementation at that point.
however, for a DMZ (the question that was asked) you are typicaly providing service to the Internet, and for that you run into a bunch of very interesting issues if you try to use NAT to reduce the number of IP addresses you use.David Lang
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Internet accessible screened subnet - use public or private IPs? Matt Bazan (Jul 21)
- Re: Internet accessible screened subnet - use public or private IPs? Paul D. Robertson (Jul 21)
- Re: Internet accessible screened subnet - use public orprivate IPs? David Lang (Jul 21)
- Re: Internet accessible screened subnet - use public orprivate IPs? Dave Piscitello (Jul 22)
- Re: Internet accessible screened subnet - use public orprivate IPs? David Lang (Jul 22)
- Re: Internet accessible screened subnet - use public orprivate IPs? Victor Williams (Jul 25)
- Re: Internet accessible screened subnet - use public orprivateIPs? David Lang (Jul 25)
- Re: Internet accessible screened subnet - use public orprivateIPs? Victor Williams (Jul 25)
- RE: Internet accessible screened subnet - use public orprivateIPs? lordchariot (Jul 25)
- RE: Internet accessible screened subnet - use public orprivateIPs? Marcus J. Ranum (Jul 26)
- RE: Internet accessible screened subnet - use public orprivateIPs? R. DuFresne (Jul 27)
- RE: Internet accessible screened subnet - use public orprivateIPs? Luis Bruno (Jul 30)
- RE: Internet accessible screened subnet - use public orprivateIPs? Paul D. Robertson (Jul 30)
- Re: Internet accessible screened subnet - use public orprivate IPs? David Lang (Jul 21)
- Re: Internet accessible screened subnet - use public orprivateIPs? Dale W. Carder (Jul 30)
- Re: Internet accessible screened subnet - use public or private IPs? Paul D. Robertson (Jul 21)
- Re: Internet accessible screened subnet - use public orprivate IPs? Marcus J. Ranum (Jul 26)
- RE: Internet accessible screened subnet - use public or private IPs? Sanford Reed (Jul 25)
- <Possible follow-ups>
- RE: Internet accessible screened subnet - use public or private IPs? Behm, Jeffrey L. (Jul 26)