Re: [expert] IP forwarding, not masquerading

Wed, 31 Jan 2001 00:48:15 -0800 

On Wednesday 31 January 2001 06:31, you wrote:
> Consider this scenerio:
>
>


I'm sorta running , or getting running at the mo half of this type of system.
The private net declare as FRIENDNET and set the BITMASK.
As for the NIC's I found the one using dynamic addressing must be bought
first. I compiled the driver in the kernel for eth0 and the other card as a 
module...I still dont have my system fully running again yet, as I have some 
permanant links, which are doing very strange things-- like the primary link 
fails, but the secondary works..even though I known the primary to be active !
I've moved my system from Suse 7.0, which was working, over to Mandrake
as I'd really got fed up with the tutonic attitude of suseconfig and yast !
I also use Ip-ip tunneling beweent private net and remote private nets.

have fun 
Richard
>             ------------                             -------------
>
>             |  BOX 1   |                             |  BOX 2    |
>             |      eth1+----> Private net #1         |       eth1+---->
>             | Private net #3
>
> Internet >--+eth0      |      192.168.1.x        /---+eth0       |     
> 192.168.2.x 1.2.3.x     |      eth2+--->------>------->-----/    |      
> eth2+--------> 1.2.3.2 IP (not masq!)
>
>             |          |      Private net #2         |           |
>
>             ------------      10.0.0.x               -------------
>
> Two linux boxes, both running IP Masquerading.
> Incoming internet connection has a mess of IPs: 1.2.3.x in this example.
>
> Private net #1 goes through box 1, then out, no problem.
> Private net #3 goes through box 2, then box 1, then out, no problem.
>
> However, a user on box 2 wants one outside IP address, without any firewall
> or masquerading.  All ports, both directions.
>
> Eth0 on box 1 is set to respond to any IP address in its block.
> What I want to do is set this up such that if eth0 on box 1 receives a
> packet for address 1.2.3.2, it forwards it to eth2, say to address
> 10.0.0.2.  Then Box 2's eth0, (who's address is set to 10.0.0.1, but should
> also respond to multiple IPs), when it sees a packet for IP address
> 10.0.0.2, it forwards it to eth2, address 1.2.3.2 (the original).  All
> types of packets, all ports, the works... just like the user was connected
> directly to the internet.
>
> How do I do this??!
>
> Bob

Reply via email to