On Mon, 2020-10-26 at 17:02 +0000, Steve Hill wrote:
> In addition to 198.51.100.1 and 192.51.100.2, the ISP is providing
> 28 extra public IPs (192.51.100.3-30), and I want the firewall to
> be able to DNAT those IPs to internal machines, which means it needs
> to answer ARP for them.
>
> The router is routing all of the public IPs directly to its internal
> NIC. In an ideal world, we'd just reconfigure the router so that the
> IPs are routed via the firewall rather than being directly
> connected. However, I'm finding that for managed routers, ISPs are
> increasingly unwilling to set up custom routing.

I'm curious how they expected you to use their extra IPs if they won't
let their router be configured for them.
--
uname -rsvp
Linux 3.10.0-1127.19.1.el7.x86_64 #1 SMP Tue Aug 25 17:23:54 UTC 2020 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.