Transparent bridge or router?

G

gpatrick

Presently
Code: 
Internet-->modem-->pf-->int_switch-->int_network
                    |
                    --->dmz_switch-->dmz_network

I am moving away from OpenBSD which is running my mail servers, web servers, and pf firewall and going to SmartOS (hence I posted this in Off-Topic ;) )

Since I'm doing that I am considering using ipf on the global zone of SmartOS, but I don't want to plug the modem directly into the machine so am considering using either a router or transparent bridge in front.

Code: 
Internet-->modem-->transparent_bridge-->SmartOS_ipf-->phys_switch-->internal_network
                                             |
                                             --->virtual_switch-->dmz_network
Or in place of the transparent bridge just setting it up as a router to pass all traffic in and out.

Can someone explain to me which would be the better option (transparent bridge or router)?
 
Given you're going to be using ipf on the SmartOS box, then a transparent bridge may be the way to go for simplicity. Using a router will require the SmartOS device to be in a different IP subnet, which may or may not be desirable. Presumably you are looking to do some filtering on the bridge (Otherwise why bother? Or am I missing something?)?
 
You must log in or register to reply here.
Back
Top