chaosnature
New Member
- Joined
- Sep 15, 2022
- Messages
- 456
Make sure you understand the differences between and the different aspects of networking:
- Routing
- Switching / Bridging
- NAT including OUTBOUND NAT
- Firewall (Input Rules, Forward Rules, Passthrough Rules, Output Rules, etc)
As well as Layer 2 vs Layer 3 stuff.
I myself have NOT gotten all of those sorted out.
Essentially unless you take good care of all of the above (plus others I'm sure) you risk sending some IP addresses to a subnet/interface that is NOT supposed to see them. Or you might be able to send traffic in one direction but not be able to get back the response (although that should be a bit better with stateful firewalls w.r.t. stateless firewalls) because for instance one of the routers rejected the request (or dropped the connection since it didn't know where it should go to).
In OPNsense this would trigger a default state rejection for instance as it doesn't make sense from a networking point of view to have that situation occur. But that was also one of the things I WAS doing.
Apart from Passthrough Rules, Output Rules, I thought I did - After all, I have been an Infrastructure Architect for over 9 years now after my Solution Architect roles...