Re: IP forwarding?

To: "Robert Cates" <robert@kormar.de>, <debian-isp@lists.debian.org>
Subject: Re: IP forwarding?
From: "Jason Lim" <maillist@jasonlim.com>
Date: Thu, 31 Mar 2005 04:22:39 +0800
Message-id: <[🔎] 0bb001c53566$45d7bcf0$4bedfea9@tw1>
Reply-to: "Jason Lim" <maillist@jasonlim.com>
References: <[🔎] 0a1301c534fa$0cfd91a0$4bedfea9@tw1> <[🔎] 003001c5353e$5e28e4f0$0d01a8c0@kormar.net>

> 1)  and probably most obvious - why would your visitors be using IP
numbers?

This is not website. This is everything from FTP to VPN connections.

> 2)  what would there be, technically, stopping an attack on IP 1.2.3.x at
> 1.2.3.x?  I mean, if you've mapped or routed requests to 1.2.3.x to go to
> 5.6.7.x , what's will stop the attack before it gets to 5.6.7.x ?

This is not an attack. No one is attacking any IPs. I am talking about a
situation which would be very similar to moving ISPs, and having a way to
migrate progressively by forwarding the IPs from the old ISP to the new ISP.

> 3)  isn't there other sucurity methods in place (firewall) or that can be
> put in place easier than doing all of the mapping (while getting visitors
> off of using IP numbers)?

See above... not really relevent.

> 4)  have you got a hardware firewall/gateway?
> 5)  in the case of web services - assuming the use of the Apache web
> server - couldn't you configure it to reject requests with an IP, and on
the
> error page tell the visitor to use a certain domain name?  Wouldn't that
be
> easier than doing all of this mapping?

If this were a website, DNS tricks can be used, reducing TTL, etc. but this
is not the case.

> 6)  by "visitors" I'm assuming you're talking about outside of the
> network.(?)

That was an example... visitors could be everything from someone outside
connecting via VPN, or FTP, or web, or VoIP, etc.

Hope that gives you a relatively clearer picture. I am sure others here have
moved ISPs and have done something similar, so I was hoping for some
starting points.

> ----- Original Message ----- 
> From: "Jason Lim" <maillist@jasonlim.com>
> To: <debian-isp@lists.debian.org>
> Sent: Wednesday, March 30, 2005 9:28 AM
> Subject: IP forwarding?
>
>
> > Hi all,
> >
> > I am trying to come up with a solution to a network problem, but i
haven't
> > got much idea how to do it. If you could just give me a couple of
> > suggestions I could search on Google and research further.
> >
> > I basically have 2 networks, each with 32 IPs.
> >
> > Say the first network is 1.2.3.1-32
> > and the second network is 5.6.7.1-32
> >
> > Is there a way to make it so requests for 1.2.3.1 go to 5.6.7.1, and
> > 1.2.3.2
> > go to 5.6.7.2, so basically map 1.2.3.1-32 to go to 5.6.7.1-32?
> >
> > They are two separate neworks, each with their own network and
bandwidth.
> > But basically i'd like to have it so that 1.2.3.1 is the IP i give to
> > people, but behind the scenes, the data is transferred transparently to
> > the
> > server at 5.6.7.1 instead?
> >
> > So basically:
> > VISITOR --> 1.2.3.1 --> 5.6.7.1 --> SERVER
> >
> > It doesn't matter if the SERVER is configured with 1.2.3.1 or 5.6.7.1 as
> > it's IP. But the visitor should only know about 1.2.3.1.
> >
> > Essentially, this is what you would do if you were moving datacenters or
> > something, as a temporary solution.
> >
> > Hope someone can help! I tried looking at IP MASQURADING but that
doesn't
> > seem to be the right thing ,and IP FORWARDING doesn't seem right either.
> > Am
> > I missing a solution?
> >
> > Thanks in advance!
> >
> > Jas
> > Sincerely,
> >
> >
> > -- 
> > To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> > listmaster@lists.debian.org
> >
> >
>
>
>

Reply to:

References:
- IP forwarding?
  - From: "Jason Lim" <maillist@jasonlim.com>
- Re: IP forwarding?
  - From: "Robert Cates" <robert@kormar.de>

Prev by Date: Re: Courier or Cyrus
Next by Date: can I do network teaming on dell 2850 with debian woody
Previous by thread: Re: IP forwarding?
Next by thread: Re: IP forwarding?
Index(es):
- Date
- Thread