I have a three-legged firewall up and running (3 NICs, Inet eth0 and IP-aliased eth0:0.
My eth2 192.168.1.1 goes to DMZ). I got a DMZ webserver which currently has one NIC (eth0) with IP addr 192.168.1.2.
Goal:
I am working toward the setup for djbdns (DNS), which will, I guess, have 1-to-1 NAT routing through the firewall iptables, port 53, etc. I can IP alias on the firewall just fine. I got my second external IP addr IP-aliased as Inet eth0:0 in the firewall ifconfig, but not routed yet.
I am following a "how to" which shows the DNS going to 192.168.1.3 (on my DMZ network). So, do I add IP aliasing to the webserver NIC too, and create webserver eth0:0 192.168.1.3 and then 1-to-1 DNAT to that from my firewall eth0:0 addr, or?
Maybe add a second NIC card to the webserver? If so, how would I hook it up... maybe I need another switch for the DMZ network (can do $ if I need to).
Right now I use a simple crossover Cat 5 cable from the firewall to the webserver. Hmm... which way would you try it? IP alias both ends or a switch?
Can you even actually IP alias both ends of these cards in the network? And if so, any reason why I wouldn't?
Note: this is getting REAL fun! Now that the darned works at all after 4-5 weeks...
Thanks to all who have guided me in this dim light.
P.Biter