From owner-freebsd-questions Fri Oct 2 06:51:40 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA29173 for freebsd-questions-outgoing; Fri, 2 Oct 1998 06:51:40 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from mercury.webnology.com (mercury.webnology.com [209.155.51.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA29154 for ; Fri, 2 Oct 1998 06:51:34 -0700 (PDT) (envelope-from jooji@webnology.com) Received: from localhost (jooji@localhost) by mercury.webnology.com (8.9.1/8.8.8) with SMTP id IAA08662 for ; Fri, 2 Oct 1998 08:56:44 -0500 (envelope-from jooji@webnology.com) Date: Fri, 2 Oct 1998 08:56:43 -0500 (CDT) From: "Jasper O'Malley" To: questions@FreeBSD.ORG Subject: Re: Firewall with 2 NIC and a NET class C In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 2 Oct 1998, Mike wrote: > "Our recommendation is to obtain and use registered IP addresses if at > all possible. If you must use private IP addresses, then use the ones > specified by RFC1597, but beware that you're setting youself up for > later problem[s]." > > _Building Internet Firewalls_, Ch. 4, p. 90 > D. Brent Chapman & Elizabeth D. Zwicky That's fine and well, but how old is that book? RFC 1597 was obsoleted by RFC 1918 in February, 1996. What rationale do the authors employ for suggesting that registered IP addresses behind the firewall will be "setting yourself up for later problem[s]?" Cheers, Mick The Reverend Jasper P. O'Malley dotdot:jooji@webnology.com Systems Administrator ringring:asktheadmiral Webnology, LLC woowoo:http://www.webnology.com/~jooji To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message