Hi all,

I have a small problem with routing/forwarding. While forwarding via masquerading is talked about a lot, I did not find anything about my problem. The situation is:

We have one net (let's say it is 192.168.1.0/24). Some of our servers need to be put behind a traffic shaper/firewall. While all our servers already have public IP addresses, I don't want to masquerade them. My traffic shaper (Linux running kernel 2.4.18) has 2 devices (eth0: where all the traffic of the servers arrives, and eth1: where the uplink to the real world is).

So, what I want is something like this: all the traffic coming from our servers should go in through eth0 and out through eth1. Naive as I am, I thought all would be fine if I activated IP forwarding (echo 1 > /proc/sys/net/ipv4/ip_forward) and set routes like:

    192.168.1.0/24 > eth1
    192.168.1.121 > eth0 (one of our servers)

So I thought that if 192.168.1.121 sends a packet to 192.168.1.30 (a server outside the shaper), this packet arrives at eth0, the shaper checks that it is for 192.168.1.0/24 and sends it out through eth1, while traffic returning to 192.168.1.121 will arrive at eth1 and then be redirected to eth0 ... but this doesn't work.

The FORWARDING policy of IPTables is Accept. I don't have any problems with shaping at all, and the firewall config isn't the problem either (because at this time I don't have one; that will be the next step). As I understand it, the problem is that both sides of the shaper are in the same network.

All of our servers have a gateway set (192.168.1.20). This gateway is the gateway of our provider, so I can't shape traffic there. Most of the traffic leaving our servers will be routed over the gateway.

Hoping for some ideas, and thanks to all who might help!

Greetings,
Stefan Siefert