
Re: IP forwarding?



----- Original Message ----- 
From: "Alexandros Papadopoulos" <apapadop@alumni.cmu.edu>
To: <debian-isp@lists.debian.org>
Sent: Wednesday, March 30, 2005 4:08 PM
Subject: Re: IP forwarding?


> On Wednesday 30 March 2005 10:28, Jason Lim wrote:
> <snip>
> > I basically have 2 networks, each with 32 IPs.
> >
> > Say the first network is 1.2.3.1-32
> > and the second network is 5.6.7.1-32
> >
> > Is there a way to make it so requests for 1.2.3.1 go to 5.6.7.1, and
> > 1.2.3.2 go to 5.6.7.2, so basically map 1.2.3.1-32 to go to
> > 5.6.7.1-32?
>
> So you need the following:
>
> * The gateway that will receive packets destined to 1.2.3.0/32 to have a
> route to the 5.6.7.0/32 network.
> * The gateway running iptables rules that will forward any request to
> 1.2.3.[1-32] to 5.6.7.[1-32] and of course fiddle with the source
> address of reply packets to make it work.
>
> The former is pretty simple, route add blah blah. The latter can be done
> with iptables as described here:
>
> http://www.linuxsecurity.com/resource_files/firewalls/IPTables-Tutorial/iptables-tutorial.html#DNATTARGET
>
> I'm not sure if you can use DNAT rules for subnets, or you need to do it
> on a host-by-host basis. Worst case scenario, you'd end up with 32
> rules.
>
> Are you sure you can't get around this with updated DNS records?
>
> -A

Thanks Alexandros!

I cannot do this with DNS records because some of the visitors use hardcoded
IPs rather than domains or hostnames (yes, bad design, but too late to
change it now).

The question I have though... for the servers at 5.6.7.[1-32], if a client
computer visits the corresponding IP at 1.2.3.[1-32], it would show only
5.6.7.[1-32] and not the actual client computer/website visitor, right?
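
Added example, not part of the original messages: a shell script that prints (without applying) the host-by-host DNAT rules for the 1.2.3.[1-32] to 5.6.7.[1-32] mapping described in the quoted reply, with an optional SNAT variant that shows how the source address seen by the servers changes. The prefixes are the thread's placeholder addresses; GW_ADDR, the function names and the dnat/snat mode argument are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: prints iptables commands for review; it applies nothing.
# Prefixes are the thread's placeholders. GW_ADDR is a hypothetical
# gateway address on the new network, assumed for this illustration.
OLD_PREFIX="1.2.3"
NEW_PREFIX="5.6.7"
GW_ADDR="5.6.7.254"

# gen_rules MODE
#   dnat : rewrite the destination only. The server at 5.6.7.N still sees
#          the real client source address, so its replies must route back
#          through this gateway for connection tracking to reverse the NAT.
#   snat : additionally rewrite the source to GW_ADDR. Replies always come
#          back to the gateway, but the servers see GW_ADDR as the client.
gen_rules() {
    mode="$1"
    case "$mode" in
        dnat|snat) ;;
        *) echo "usage: gen_rules dnat|snat" >&2; return 2 ;;
    esac
    i=1
    while [ "$i" -le 32 ]; do
        echo "iptables -t nat -A PREROUTING -d $OLD_PREFIX.$i -j DNAT --to-destination $NEW_PREFIX.$i"
        if [ "$mode" = "snat" ]; then
            # Matches every packet forwarded to the server, mapped or not.
            echo "iptables -t nat -A POSTROUTING -d $NEW_PREFIX.$i -j SNAT --to-source $GW_ADDR"
        fi
        i=$((i + 1))
    done
}

# The gateway must have IPv4 forwarding enabled for either mode to work.
forwarding_cmd() {
    echo "sysctl -w net.ipv4.ip_forward=1"
}

# Print the ruleset when run directly with a mode argument.
if [ "${1:-}" = "dnat" ] || [ "${1:-}" = "snat" ]; then
    forwarding_cmd
    gen_rules "$1"
fi
```

In dnat mode the output is 32 rules, one per host; in snat mode it is 64, and server-side logs and IP-based access controls then see only GW_ADDR.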


