< snip>
>What's the practical difference between proxy-arp and plain old
>IP aliasing?
>Is one "better"?
No, this has nothing to do with better. A proxy-ARP was "invented" because
the machine that does the ARP doesn't know it's IP adress. (That is why it
is doing the ARP). Proxy's don't accept IP packets that don't state their IP
adress, so this would result in a system that wouldn't accept ARP requests.
Proxy-ARP is a wordk-around.
>In case it matters, my goal is to set up a bastion server so that it
>routes certain requests to the internal network, depending upon >which
>IP address and port are specified in the incoming packet. At this >point
>it seems like proxy-arp and ip aliasing will both allow me to get the
>bastion box answering on two or more IP addresses, but since this
>machine is security-sensitive I don't want to blindly choose one or >the
>other.
Thoughts?
-m
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
