Traffic Mirroring

To: debian-firewall@lists.debian.org
Subject: Traffic Mirroring
From: Volkan YAZICI <yazicivo@ttmail.com>
Date: Fri, 22 Aug 2008 17:19:47 +0300
Message-id: <[🔎] 87fxoxuo70.fsf@alamut.mobiliz.com.tr>

Hi,

For debugging purposes I'd like to mirror/duplicate network traffic of a
server to a second sandbox server. Current network topology is
structured like below:

  VPN Router (192.168.2.1)
  |
  Unmanaged Switch
  ||
  |+-> PRODUCTION (192.168.2.23)
  |
  +--> LINUXSRV eth1: 192.168.2.200
                eth2: 192.168.1.9  <--+
                                      |
       SANDBOX  eth0: 192.168.1.70 <-+|
                                     ||
                                     ||
                                     Switch (192.168.1.1)

In the planned structure, I'd like to

1. Change IP address of PRODUCTION from 2.23 to 2.230.

2. Change eth1 interface of LINUXSRV from 2.200 to 2.23.

3. Make LINUXSRV to mirror incoming eth1 (2.23) traffic to both 2.230
   and 1.70. (Pay attention that SANDBOX is located in a different
   subnet.)

How can I make such a configuration in the LINUXSRV?

Furthermore, if we'd forget the mirroring for a second, I even couldn't
manage to forward 2.200 traffic to 1.70 via DNAT/SNAT.

Any helps will be really really appreciated.


Regards.

Reply to:

Follow-Ups:
- Re: Traffic Mirroring
  - From: Paolo <oopla@users.sf.net>
- Re: Traffic Mirroring
  - From: Vincent <v.hautot@gmail.com>

Prev by Date: Re: iptables rules not persisting
Next by Date: Re: Traffic Mirroring
Previous by thread: Re: iptables rules not persisting
Next by thread: Re: Traffic Mirroring
Index(es):
- Date
- Thread