Re: Bridging again

[Gergo Szakal <bastyaelvtars@xxxxxxxxx>]

Bill Hacker wrote:
> OK - do you mean to:
>
> - route, NAT, DHCP share a connection for (all those folks)?
>
> - firewall/filter for them?
>
> - proxy some service(s)?
>
> - electronically vampire-tap their traffic?
>
> Or what?
>
> FWIW, a 'bridging' arrangement is often one of the hardest-working ways 
> to do several of these things for the value-add, so is 'bridging' really 
> what you need?
>
> i.e. - what is the intended service?

The intention is to transparently filter the traffic of a given 
department. I know it is appropriate, since our old bridge has been 
runnning for 17 months now. :-)
Sidenote: The IPs are public, no proxying, and there may be some traffic 
queuing (has already been tested with OpenBSD, and it worked).
(Let me tell the network topology: there are 4 departments sharing the 
same class C ( == /24) range of public IPs. The infrastructure in the HQ 
is quite old thus they are unable to mask the subnet into four /26 
ranges. I have built a bridge for each department. Now one of them got a 
new machine, and this is a great occasion for me to try DF in a 
production environment, and I am also sick & tired of OpenBSD.)