Re: Whacky Iptables Wizardry

[Lucas J Barbuto <lucas@stabat.com>]

Hi All,

Thanks Tarragon for your reply.

On Fri, Jun 20, 2003 at 12:34:40PM +1000, Tarragon Allen wrote:
> ... now I'm confused.

Yeah, sorry it's hard to know how much information is required.

> Are your 12 IPs "real" IP addresses, or are they behind NAT?

Yeah, they are real IPs.  It's like this:

                                + ISP's router (the Internet)
                                |
                                | 
                                + 238
                                |
                                |
                             +--+--- 224/28 network
                             |
                             x
                             |
                             + 237 +--- DSL ---+ the Internet
                             |
                             |
                             + 234

So 237 also has a DSL line plugged into it with an IP of 70.  Say the
link between the 224/28 network and 237 (marked 'x') goes down (because
we've pulled the plug to do some maintenance).  Can we tell 238 to
re-route all traffic destined for 237 to it's DSL IP address (70)?  Like
packet mangling, can I change the destination IP in the headers, and
send it back the way it came?  Will this work?

> You should add a static ARP entry on the machine at 238

Yeah, that was the first thing I tried, but it didn't seem to work, I
also thought that it wasn't the most elegant solution.  Even with a
static entry, things seemed to mysteriously stop working after a short
time.  As if the static entry were being ignored... this is a strange
one... I'm probably doing something weird.

Thanks for your help.

Regards,

Lucas