A universal truth
Aug. 27th, 2004 10:14 amI don’t think it’s documented anywhere but it seems to be a universal truth that on commercial firewalls, VPN concentrators, and all network devices that “straddle a security border” (i.e. have 2 NICs one on the inside and one on the outside) they always assign Ethernet 0 for the outside connection and Ethernet 1 for the inside connection. As I said, I don’t think this is required by law or even documented in books like this one or that one but they all seem to do it. On home-brew firewalls I always did it because I always have only one outside connection any potentially many inside connections, so by putting the outside connection first, it lets me have sequentially numbered inside connections. However I recently realized that the answer is more likely to be due to the fact that it is easier to remember that Ethernet 0 is for “O”utside, and Ethernet 1 is for “1”nside.