Multiple public IP's for NAT to Multiple Internal machines


Post by no sp » Sat, 26 Apr 2003 01:23:59



Hi folks,

 I did some searching around and found nothing conclusive, at least
something that showed clues how to do this.

 My problem is the following: I have a range of public IP's that I
want to use to connect to different internal machines.

 For example: IP A connects through Linux NAT router to machine M1
              IP B to machine M2
              and so on.

 I already have iptables set up through Guarddog, and everything works
fine. But Guarddog doesn't do anything regarding iptables NAT mode.

My Linux router has two NIC's. I'm using Mandrake 9.

Any ideas how I can accomplish this? Any tools?

Thanks!

 Wergon

 
 
 


Post by Linux_Newbi » Sat, 26 Apr 2003 09:23:25



> Hi folks,

>  I did some searching around and found nothing conclusive, at least
> something that showed clues how to do this.

>  My problem is the following: I have a range of public IP's that I
> want to use to connect to different internal machines.

>  For example: IP A connects through Linux NAT router to machine M1
>               IP B to machine M2
>               and so on.

I am a Linux newbie, but to achieve this mapping I am using the
http://support.dlink.com/products/view.asp?productid=DFL%2D300 D-Link
hardware firewall. This does provide web-based mapping of public IPs to
internal IPs and load balancing for up to 4 servers. You can check out the
manual for more information.

>  I already have iptables set up through Guarddog, and everything works
> fine. But Guarddog doesn't do anything regarding iptables NAT mode.

> My Linux router has two NIC's. I'm using Mandrake 9.

> Any ideas how I can accomplish this? Any tools?

> Thanks!

>  Wergon


 
 
 


Post by no sp » Tue, 29 Apr 2003 19:39:54


Just to be accessible on Google groups:

On the public interface create virtual interfaces as many as the
public IP's that you want. For example: eth0:mail , eth0:web ,
eth0:intr

Then all you have to do is add the proper iptables rules for each
interface with the internal ip address.

Regarding the linksys product, it looks cool, but I need Linux...
Thanks for your help anyway.

Wergon2003

 
 
 


Post by Marco Fische » Wed, 30 Apr 2003 07:41:27


Google for DNAT or Destination NAT

You can modify the table DNAT (-t DNAT) to redirect (-j REDIRECT) packets from
one external destination IP to an internal machine.

Marco



> Just to be accessible on Google groups:

> On the public interface create virtual interfaces as many as the
> public IP's that you want. For example: eth0:mail , eth0:web ,
> eth0:intr

> Then all you have to do is add the proper iptables rules for each
> interface with the internal ip address.

> Regarding the linksys product, it looks cool, but I need Linux...
> Thanks for your help anyway.

> Wergon2003
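
The setup this thread arrives at, one alias address per public IP on the router's public interface plus a destination-NAT rule per internal machine, as an added example that is not part of any post above. In iptables this is the `DNAT` target in the `nat` table's PREROUTING chain; the script only prints the commands for review. Assumptions: `eth0` as the public NIC, the labels, every address and the port lists are constructed.

```shell
#!/bin/sh
# Added example: prints commands for review, changes nothing on the router.
# Constructed values: eth0 = public NIC, RFC 5737 public IPs, RFC 1918 hosts.
WAN_IF="eth0"
# label  public-IP  internal-IP  inbound TCP ports to allow
MAPPINGS="
mail 203.0.113.10 192.168.1.10 25
web  203.0.113.11 192.168.1.11 80,443
"

valid_ip() {  # dotted-quad IPv4, every octet 0-255
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

gen_nat_rules() {  # $1 = mapping text, one host per line
    # Replies to connections that were already allowed
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    printf '%s\n' "$1" | while read -r name pub int ports; do
        if [ -z "$name" ]; then continue; fi
        # Refuse anything that is not a clean address or port list
        if ! valid_ip "$pub" || ! valid_ip "$int"; then
            echo "# skipped $name: bad address"; continue
        fi
        case "$ports" in
            ''|*[!0-9,]*) echo "# skipped $name: bad port list"; continue ;;
        esac
        # Alias on the public NIC (eth0:mail, eth0:web); /32 is an assumption
        echo "ip addr add $pub/32 dev $WAN_IF label $WAN_IF:$name"
        # Inbound: rewrite the public destination to the internal host
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $pub -j DNAT --to-destination $int"
        # Outbound: the host leaves with its own public address
        echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $int -j SNAT --to-source $pub"
        # FORWARD sees the post-DNAT address; open only the listed ports
        echo "iptables -A FORWARD -i $WAN_IF -d $int -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Everything else arriving on the public side is dropped
    echo "iptables -A FORWARD -i $WAN_IF -j DROP"
}
gen_nat_rules "$MAPPINGS"
```

Without the per-host FORWARD rules and the final DROP, a one-to-one mapping exposes every listening port on the internal machine to the public address.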

 
 
 

1. Routing multiple public IPs to multiple internal networks

Here is the situation:

We are going to be getting an internet connection with a /28 block of
public IPs. What I would like to do is be able to filter all of the
traffic through one Router/Firewall box so I can do filtering, QoS,
bandwidth monitoring, etc. and give a public IP to a series of Linksys
routers for different tenants in the building. I am not quite sure how
to set up the IPs since I have only had experience with 1 public IP and
NAT in the past. I have tentatively come up with this setup but I
wanted to run it by someone more knowledgeable than myself before
ordering the equipment and deploying everything. Here is a diagram to
help clarify:

     +----------------+
     |   ISP Router   |
     |  x.y.z.225/28  |
     +----------------+
            |
            |
            |
    +-----------------+
    |   x.y.z.226/28  |
    | Router/Firewall |
    |   x.y.z.227/28  |
    +-----------------+
             |
             |
             |
    +------------------+
    |      Switch      |
    +------------------+
      |              |
      |              |
      |              |
+------------+ +------------+
|x.y.z.228/28| |x.y.z.229/28|
|  Linksys   | |  Linksys   |
+------------+ +------------+
 | | | | | |    | | | | | |
 | | | | | |    | | | | | |
   Private        Private
   Network        Network

Would this addressing scheme work? I thought about subdividing the
subnet but I don't want to lose IPs in the process and it seems like it
would unnecessarily complicate things.

Thanks in advance!
