I have network with x computers which is divided in three subnets A, B ,C. All three subnets need can't access to internet because my old router -> R.I.P.
Probably best solution is to get new router and set up back internet connection but that is not good enough for me.
http://img541.imageshack.us/img541/379/94208555.jpg
As you can see I plan to use Solaris as my router/firewall and reason is quite simple:
ZFS like cheap disks
Border is Pentium III
Cisco modem cost more than $1000 and my old office box is like new and has performance just like Cisco modem and with Jumpstart(TM) I can install Solaris in variaty of ways and save $$.
My problem is how to represent Solaris box as default gateway on my network without to manually change settins on every box which is time consuming ?
Using IPFilter is possible to get a decent package firewall and with that box route input data on other workstations in my corporate network
Any box with two devices and ip forwarding is a router.
Change the IP to match the old router.
All routing protocols do is dynamically update the routing table, which for most routers is not really much problem, as their routes are pretty static!
If you want your internal network to communicate with the Internet, there must be also NAT configured in your "BGB" (B�rgerliches Gesetzbuch ?) .
Thanks
For NAT Ipfilter will be more than enough
Yes, firewall is just a router with attitude and accessories like NAT, SOCKS and even dedicated proxies like tcp_relay.
I have never been that big a NAT fan. Packet inspection and modification makes it a bit dicey, and then there is the hassle of IP addresses for the NAT. A lot of routers seem to do something more like port and network address translation, so they can support all the clients with the firewall/router IP (no extra IPs for clients on unroutable IP family addresses).
IPFilter definitely provides port and network address translation.