So if I'm using CARP, do I create separate CARP interfaces and VHIDs for 192.0.2.4 and 192.0.2.5? Or can one CARP interface have multiple VHIDs assigned to it?
-----Original Message----- From: Stephen Marley [mailto:[EMAIL PROTECTED] Sent: Monday, June 20, 2005 6:01 PM To: '[email protected]' Subject: Re: Proxy arp needed for NAT? On Mon, Jun 20, 2005 at 04:23:51PM -0700, Michael Favinsky wrote: > I was reading through the pf documentation and found the following > example of NATing several internal IP addresses to two external IP addresses: > > nat on $ext_if inet from any to any -> 192.0.2.4/31 source-hash > > Let's say the external IP address of my firewall is 192.0.2.1. Do I > need to configure proxy ARP entries on my external interface for > 192.0.2.4 and 192.0.2.5, or is this something pf takes care of automagically? Pf doesn't handle that, but adding aliases to your outside interface for 192.0.2.4 and 192.0.2.5 will make it answer the arp request for those addresses. See hostname.if(5). -- stephen This message may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient of this message you may not store, disclose, copy, forward, distribute or use this message or its contents for any purpose. If you have received this communication in error, please notify us immediately by return e-mail and delete the original message and any attachments from your e-mail system. Thank you.
