[Firehol-support] Is it correct to think of interfaces vs routers as in "where the packet ends up going"?

Wojtek Swiatek w at swtk.info
Thu Jan 3 12:06:38 GMT 2019


Hello everyone

I am trying to make sense again of interface vs router after reading a few
times https://firehol.org/guides/firehol-welcome/

If we assume the following topology with three hosts, the middle one having
two interfaces:

[10.0.0.1] --- [eth0 = 10.0.0.254   eth1 = 10.1.1.254] --- [10.1.1.1]

there are services which produce and consume packets on each of the
interfaces (on each of the hosts). I will try to summarize the possible
cases for traffic families:

10.0.0.1 -> 10.1.1.1 - managed via "router" because the packets enter eth0
and leave via eth1 without other interactions with the firewall
10.0.0.254 -> 10.1.1.254 - managed by "interface" as all traffic is local,
never leaves the firewall
10.0.0.1 -> 10.0.0.254 - managed "interface" as the packet enters the
firewall but stops at the entering interface

Now the ones I struggle with:

10.0.0.254 -> 10.0.0.1 - I do not know: on the one hand the traffic goes
through the firewall (or at least - leaves it), but on the other hand it
does not "cross" it, that is only one interface is used
10.0.0.1 -> 10.1.1.254 - I do not know: the packet enters the firewall,
goes from one interface to another but does not leave the firewall (again,
no "crossing")

In other words: is the rule that a packet must come in and out from a
firewall to be managed by "router" and any other case is managed by the
"interface" which eventually receives the packet (even if it went through
another one on the way)?

Thank you for your help
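An added illustration, not part of the original post or of the FireHOL project: a small model of the netfilter routing decision that underlies the split, assuming FireHOL's documented mapping of `interface` to the INPUT/OUTPUT chains and `router` to FORWARD, run over the topology and flows listed above. Interface names and addresses are the post's; the helper names are made up here.

```python
import ipaddress

# Constructed model of the middle host from the post: it owns both
# eth0 = 10.0.0.254/24 and eth1 = 10.1.1.254/24 and routes between them.
FIREWALL_IFACES = {
    "eth0": ipaddress.ip_interface("10.0.0.254/24"),
    "eth1": ipaddress.ip_interface("10.1.1.254/24"),
}


def iface_for(addr):
    """Interface whose directly connected subnet contains addr (the route), or None."""
    ip = ipaddress.ip_address(addr)
    for name, itf in FIREWALL_IFACES.items():
        if ip in itf.network:
            return name
    return None


def is_local(addr):
    """True if addr is one of the firewall host's own addresses."""
    ip = ipaddress.ip_address(addr)
    return any(ip == itf.ip for itf in FIREWALL_IFACES.values())


def classify(src, dst):
    """Return (firehol_keyword, interface_match, netfilter_chain) for a flow.

    The kernel decides on the destination address first: a packet addressed to
    any of the host's own addresses goes to INPUT on the interface it arrived
    on, whichever address it was sent to. A packet generated by the host goes
    to OUTPUT on the interface the route to dst uses. Only packets that are
    neither for nor from the host reach FORWARD, which is what `router` matches.
    """
    if is_local(src) and is_local(dst):
        # Host talking to itself: the kernel routes this over lo, not eth0/eth1.
        return ("interface", "lo", "INPUT+OUTPUT")
    if is_local(dst):
        return ("interface", iface_for(src), "INPUT")
    if is_local(src):
        return ("interface", iface_for(dst), "OUTPUT")
    return ("router", f"inface {iface_for(src)} outface {iface_for(dst)}", "FORWARD")


if __name__ == "__main__":
    for flow in [("10.0.0.1", "10.1.1.1"), ("10.0.0.1", "10.0.0.254"),
                 ("10.0.0.254", "10.0.0.1"), ("10.0.0.1", "10.1.1.254"),
                 ("10.0.0.254", "10.1.1.254")]:
        print(flow, "->", classify(*flow))
```

Note that the flow 10.0.0.1 -> 10.1.1.254 lands on the eth0 `interface` definition, because the arriving interface, not the address it was sent to, is what INPUT matches on.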

