View Single Post
  #3   (View Single Post)  
Old 12th May 2008
reuteler reuteler is offline
New User
 
Join Date: May 2008
Posts: 7
Default

Quote:
Originally Posted by osman View Post
Inase of NAT, dialing from modem is more secure cause it will be assigned live ip and your machine will be on private ip, behind nat.
a very basic pf ruleset on the pppoe machine would more than make up for that and almost certainly be more secure than the NAT provided by the modem. if you're willing to put a little effort into it you can do some pretty cool things (bridging one interface to a routed block, nat'ing another to an internal space, etc). i'd recommend "The Book of PF" by Hansteen for inspiration. it's cheap and decent.

Quote:
Originally Posted by osman View Post
usually pppoe dialing from machines/devices is more stable than dialing from cheap adsl modems. unless you have some modem like Speedtouch/Alcatel.
and this is the best reason to do it. openbsd's kernel pppoe implementation is considerably more robust than most modems.
Reply With Quote