Hello,
I am working with my current ISP to build a scenario like the following:
ISP -> x.x.x.x/29 -> pfSense(redundant with CARP) -> internal real and
virtual servers on x.x.x.x/27 (possibly divided into a few /29s)
All IPs are Public routable addresses. The ISP will use one of the /29
host IPs for their router and obviously I will need one IP for each of
the WAN interfaces on the two pfSense boxes and one for the first CARP
IP. That leaves me 2 "spare" addresses to use later. I am planning to
use these down the road as a network segmentation scheme.
Am I missing anything that is going to make this plan unfeasible? And
yes, there is a good reason for doing this involving services (such as
SIP) that do not play well with NAT and the fact that due to
architecture some virtual servers may be behind NAT within the internal
environment which would mean NAT'ing a NAT'ed address.
Thank You,
JohnM