FA+
Shop
A Retraction
12 years ago
General
That was a pretty good story I penned yesterday about strange network routes, wasn't it? Yeah... too bad it was just that: a story. A work of quasi-fiction. On further review, what I said was happening, wasn't. Oh the server still didn't need a default gateway to function, that part was true.
What I didn't realize is the gateway doesn't know about the public network. What it does know is that to get out to the public network it has to traverse the firewall (the gateway for the gateway) and the packets undergo NAT mangling. The firewall's external interface is in our public IP block.
So the firewall and the web server are both on the same public network and don't need a gateway to talk to each other. The return traffic goes to the firewall over the public network, the firewall NATs the response and away it goes over the private network back to my workstation.
So let this be a lesson to all of you: if you're gonna bust out of the gate with a good story of life, best to do your research first or you'll end up looking like a fool.
What I didn't realize is the gateway doesn't know about the public network. What it does know is that to get out to the public network it has to traverse the firewall (the gateway for the gateway) and the packets undergo NAT mangling. The firewall's external interface is in our public IP block.
So the firewall and the web server are both on the same public network and don't need a gateway to talk to each other. The return traffic goes to the firewall over the public network, the firewall NATs the response and away it goes over the private network back to my workstation.
So let this be a lesson to all of you: if you're gonna bust out of the gate with a good story of life, best to do your research first or you'll end up looking like a fool.
