Re: Only using masquerading on internet facing server
On Thursday, March 14, 2019 04:26:06 AM john doe wrote:
> By the answers in this thread, I guess I need to explane what I have and
> what I'm trying to do.
As someone observing from the peanut gallery, it would help me if the
explanation was a little less detailed -- sort of an overview.
Let me make a guess, using maybe some acronyms (which I should probably try to
avoid).
I'm guessing that you have a private LAN (192.168.3.0) behind server b, with
no direct connection to the Internet.
Ahead of that, to provide a connection to the Internet, you have server A.
The combination of the two is intended to create a DMZ (iirc) -- a place where
you can put computers / servers that are more accessible from outside the LAN.
Close???
>
> Server a and server b are identical, server a is the internet facing
> server which has one network behind it (eth1 172.17.232.0/24 and eth0 is
> the interface connected to the internet), server b is behind server a
> and connected using the eth0 interface.
> Server b is behind server a and is connected to server a through eth0,
> server b has one network behind it (eth1 192.168.3.0/24).
>
> For now both server (a and b) are responsible for MASQUERADING the
> networks behind them.
> So server a MASQUERADEs 172.17.232.0/24 and server b MASQUERADEs
> 192.168.3.0/24.
>
> MASQUERADE is only needed on server a.
>
> Does it help understanding what I'm trying to do?
>
> I really appriciate any help/hint.
>
> --
> John Doe
Reply to: