Re: Firewall for isolated hosts

2024-09-28 Thread Nicolas Goy
I was able to configure /32 for ipv4. In the example below, I use vlan10 and a private address for testing. Each host is separated using PVLAN. On the openbsd (router) side, I just do

  ifconfig vlan10 inet 172.16.216.1/32
  route add -inet 172.16.216.0/24 -llinfo -link -static -iface vlan10

On
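
An added model of the design this thread converges on (this is example code written for this page, not code posted by any participant): every host on a PVLAN isolated port, the OpenBSD firewall on the promiscuous port, and each host carrying a /32 so that traffic to a neighbour inside the shared /24 is handed to the gateway and passes through pf instead of being ARPed for directly. It reuses the 172.16.216.0/24 test prefix and the .1 gateway from the message above; the host names, the pf rule set, the assumption that each protected host has an on-link route only for the gateway address, and the pf evaluation (default block, last matching rule wins) are constructed here to show the failure mode the thread is avoiding: with a plain /24 on the host the peer looks on-link, the ARP request is never answered across isolated ports, and no firewall policy is ever consulted.

```python
"""Constructed model of isolated hosts behind an OpenBSD firewall on a PVLAN.

Not code from the thread: addresses reuse its 172.16.216.0/24 test prefix,
everything else (host names, rules, outcomes) is assumed for illustration.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

IPv4 = ipaddress.IPv4Address
Net = ipaddress.IPv4Network

SUBNET = Net("172.16.216.0/24")
GATEWAY = IPv4("172.16.216.1")
ROUTER = "router"                      # the one promiscuous PVLAN port


@dataclass
class Host:
    name: str
    addr: IPv4
    onlink: List[Net]                  # prefixes the host will ARP for directly
    # a default route via GATEWAY is implicit for everything else

    def l2_target(self, dst: IPv4) -> IPv4:
        """Address the host ARPs for when sending to dst."""
        if any(dst in n for n in self.onlink):
            return dst                 # looks like a neighbour: router never sees it
        return GATEWAY                 # off-link: packet goes to the firewall


def classic(name: str, addr: str) -> Host:
    """Usual config: address/24, so every peer in the /24 appears on-link."""
    return Host(name, IPv4(addr), [SUBNET])


def isolated(name: str, addr: str) -> Host:
    """Thread's config: address/32 plus an on-link route for the gateway only
    (assumed host-side setup; the thread does not spell it out)."""
    return Host(name, IPv4(addr), [Net(f"{GATEWAY}/32")])


Rule = Tuple[str, Net, Net, Optional[int]]   # action, src, dst, dport (None = any)


def pf_decision(rules: List[Rule], src: IPv4, dst: IPv4, dport: int) -> str:
    """pf-style evaluation: default block, last matching rule wins (no 'quick')."""
    decision = "block"
    for action, snet, dnet, port in rules:
        if src in snet and dst in dnet and (port is None or port == dport):
            decision = action
    return decision


def pvlan_forwards(src_port: str, dst_port: str) -> bool:
    """Isolated ports exchange frames with the promiscuous port only."""
    return ROUTER in (src_port, dst_port)


def send(hosts: Dict[str, Host], rules: List[Rule], src: str, dst: str, dport: int) -> str:
    """Trace one packet from host src to host dst and report its fate."""
    s, d = hosts[src], hosts[dst]
    target = s.l2_target(d.addr)
    target_port = ROUTER if target == GATEWAY else dst
    if not pvlan_forwards(src, target_port):
        return "dropped-by-pvlan"      # ARP for the peer is never answered
    if target_port == ROUTER:
        if pf_decision(rules, s.addr, d.addr, dport) != "pass":
            return "blocked-by-pf"
        # router holds the whole /24 as a link route on the vlan and ARPs for d
        if not pvlan_forwards(ROUTER, dst):
            return "dropped-by-pvlan"
    return "delivered"


# ---- constructed scenario: a may reach b on port 22, nothing else ----------
RULES: List[Rule] = [
    ("pass", Net("172.16.216.10/32"), Net("172.16.216.20/32"), 22),
]


def demo_classic() -> str:
    hosts = {"a": classic("a", "172.16.216.10"), "b": classic("b", "172.16.216.20")}
    return send(hosts, RULES, "a", "b", 22)


def demo_isolated(dport: int, src: str = "a", dst: str = "b") -> str:
    hosts = {"a": isolated("a", "172.16.216.10"), "b": isolated("b", "172.16.216.20")}
    return send(hosts, RULES, src, dst, dport)


if __name__ == "__main__":
    print("classic /24,  a->b:22:", demo_classic())              # dropped-by-pvlan
    print("isolated /32, a->b:22:", demo_isolated(22))           # delivered
    print("isolated /32, a->b:80:", demo_isolated(80))           # blocked-by-pf
    print("isolated /32, b->a:22:", demo_isolated(22, "b", "a")) # blocked-by-pf
```

The point the model makes is that the /32 is what turns the PVLAN from "hosts silently cannot reach each other" into "hosts reach each other only through rules the firewall enforces"; on the real router the link route over the /24 shown in the message above is what lets it resolve each protected host's address on the vlan after pf has passed the packet.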

Re: Firewall for isolated hosts

2024-09-28 Thread David Gwynne
On Sat, Sep 28, 2024 at 01:24:46PM -, Stuart Henderson wrote: > On 2024-09-28, Nicolas Goy wrote: > > On Fri Sep 27, 2024 at 5:45 AM CEST, David Gwynne wrote: > >> > >> using a /32 on each host with a single shared gateway ip for the > >> subnet should work too. the config on the protected hos

Re: Firewall for isolated hosts

2024-09-28 Thread Stuart Henderson
On 2024-09-28, Nicolas Goy wrote: > On Fri Sep 27, 2024 at 5:45 AM CEST, David Gwynne wrote: >> >> using a /32 on each host with a single shared gateway ip for the >> subnet should work too. the config on the protected host side sounded >> fiddly though, especially if you have multiple hosts on pr

Re: Firewall for isolated hosts

2024-09-27 Thread Nicolas Goy
On Fri Sep 27, 2024 at 5:45 AM CEST, David Gwynne wrote: > > we have done this with PVLAN at work. the firewalls are set up with > promisc ports on the network, and the hosts are all on isolated ports. > we use a normal subnet on this network, ie, we allocate a /25 (or /24, > whatever) and set up c

Re: Firewall for isolated hosts

2024-09-26 Thread David Gwynne
On Thu, Sep 26, 2024 at 07:21:38PM +0200, Nicolas Goy wrote: > Hello, > > I want to use OpenBSD as firewall for a configuration where every host is > isolated. cool. > For example, let's say I have 1.0.0.0/24 subnet and 2000::/56 subnet. > > I want each host to have a single ip for ipv4, and a

Re: Firewall for isolated hosts

2024-09-26 Thread Peter N. M. Hansteen
On Thu, Sep 26, 2024 at 09:44:41PM +0200, Nicolas Goy wrote: > I might not have been clear enough, the 1.0.0.0/24 example is a public /24 > routable network, not a 10.0.0.0/8 network. > > What I want is to be able to use as much as this network as possible (here 2 > ip > per host) and allow firew

Re: Firewall for isolated hosts

2024-09-26 Thread Geoff Steckel
On 9/26/24 15:44, Nicolas Goy wrote: [trimmed] I might not have been clear enough, the 1.0.0.0/24 example is a public /24 routable network, not a 10.0.0.0/8 network. What I want is to be able to use as much as this network as possible (here 2 ip per host) and allow firewall rules between hosts.

Re: Firewall for isolated hosts

2024-09-26 Thread Nicolas Goy
On Thu Sep 26, 2024 at 8:57 PM CEST, Peter N. M. Hansteen wrote: > On Thu, Sep 26, 2024 at 07:21:38PM +0200, Nicolas Goy wrote: > > Hello, > > > > I want to use OpenBSD as firewall for a configuration where every host is > > isolated. > > > > For example, let's say I have 1.0.0.0/24 subnet and 2

Re: Firewall for isolated hosts

2024-09-26 Thread Peter N. M. Hansteen
On Thu, Sep 26, 2024 at 07:21:38PM +0200, Nicolas Goy wrote: > Hello, > > I want to use OpenBSD as firewall for a configuration where every host is > isolated. > > For example, let's say I have 1.0.0.0/24 subnet and 2000::/56 subnet. > > I want each host to have a single ip for ipv4, and a /64

Firewall for isolated hosts

2024-09-26 Thread Nicolas Goy
Hello, I want to use OpenBSD as firewall for a configuration where every host is isolated. For example, let's say I have 1.0.0.0/24 subnet and 2000::/56 subnet. I want each host to have a single ip for ipv4, and a /64 for ipv6. On the layer 2 side, I can configure a single VLAN for each host,