> >> I've got a Dell SC1435, running OpenBSD 4.0, with two Ethernet
> >> interfaces (bge0 and bge1) working as a gateway and firewall
> >> for our internal network.
> >>
> >> bge0 is the external connection (with a class B IPv4 address), and
> >> bge1 is the internal connection (private IP network, class C). They
> >> are both part of a bridge, bridge0:
From the information you gave, I don't see any reason for these to be bridged, and there are some good reasons not to (it will increase broadcast traffic on both segments, and makes things more complex, especially where PF is concerned). The main reason you might need it is if there are also machines on bge1 with public addresses (though if that's the case, it would be cleaner to have them on a separate interface - physical or vlan).