Chapter 11 Firewalls
Figure 110 “Triangle Route” Problem
11.8.2 The “Triangle Route” Solutions
IP alias allows you to partition your network into logical sections over the same Ethernet interface. Your switch supports up to three logical LAN interfaces with the switch being the gateway for each logical network. By putting your LAN and Gateway B in different subnets, all returning network traffic must pass through the switch to your LAN. The following steps describe such a scenario.
1A computer on the LAN initiates a connection by sending a SYN packet to a receiving server on the WAN.
2The switch reroutes the packet to Gateway A, which is in Subnet 2.
3The reply from WAN goes through the switch to the computer on the LAN in Subnet 1.
Figure 111 IP Alias
| 171 |
|
|