Right. I have two machines that will be servers on the public internet. One has Linux, one Windows. I want to use the Linux one as a firewall for itself and the Windows one. To do this, I want to connect the Linux one to the internet on eth0, and to a switch on eth1. The Windows machine will be connected to the switch. (The switch is there for if / when we buy more machines).
I'm fairly confident this is a reasonable thing to do.
When they are running like this, the Linux machine will have two public IP addresses, one for each NIC, and the Windows machine will have one. I'm trying to set the machines up on our internal (10.0.0.0/24) network initially though, as a proof of concept, with private IP addresses:
10.0.0.94 Linux to network
10.0.0.95 Linux to switch
10.0.0.96 Windows to switch
I'm less confident this is a reasonable thing to do. Does the little network have to be an IP subnet with a broadcast address and everything? I don't know enough about IP to be sure, and all the howtos I see assume you're using NAT. I don't want NAT.
In the event that this *is* a reasonable way to treat IP addresses, what else do I need to do to get routing going? I've got a routing table on the Linux box that allows it to see the network and this Linux box, but pings don't appear to go from the network to the Windows box and vice versa.
And can I avoid iptables until I've got it working and want to add the firewall? Please?
Any help will get a lot of gratitude. If no-one helps, I'll have to go on debian-firewall and get flamed...