This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Virtual Interfaces

I have a question about Virtual Interfaces. I have tried several firewalls now based on Linux and cannot get any of them to answer for the following.

I have a DSL network (static) with the network 216.63.37.112/29 and have tried to set 216.63.37.113 as my firewalls external interface, and .114 as eth1:1, when I try to telnet to 113 I can see the SYN packet being denied at the firewall. If I telnet to .114 I see nothing, it's like it never makes it to the firewall. The address works just fine because I can use it on a hardware based firewall and all is well.

So why do Linux based firewalls handle virtual interfaces so poorly? I have loaded a copy of Guantlet for Unix and set up the same test, all working well. But I cannot run Gauntlet without paying $20,000 and this is for home use, not to mention I borrowed the Ultra 60 that I was running it on.

Am I wrong in saying that the address should be treated just like another nic, so packet filter rules should show the attempt at connection. I do not have DNAT configured yet so that cannot be the problem.

This thread was automatically locked due to age.