add the external ip of each server to the outside interface of the NAT router.
ip addr add 123.4.5.x dev eth0
ip addr add 123.4.5.y dev eth0
ip addr add 123.4.5.z dev eth0
Florin Andrei wrote:
Router / firewall running the RHEL 5 code, doing DNAT.
Cluster of servers behind the firewall, on private IP addresses. The
external interface of the firewall is on public IP address space.
Each server private address in the cluster is DNAT'ed by the firewall to
its own public IP address residing on the external interface of the
firewall in the public space.
The problem is, when testing the connection through the firewall, I see
the initial ARP request for the DNAT'ed public address of the server,
but there's no reply. The firewall must be instructed to respond to that
request.
10 years ago I was doing something similar on Slackware (kernel 2.0 or
something like that), it was called proxy ARP and it was a
straightforward job. But now it's a pain in the ass.
Any idea if RHEL 5 is doing something "special" that might prevent proxy
ARP from working?
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
