--- 02fun-u2 <[EMAIL PROTECTED]> wrote: > > i was thinking that i might have to get multi IP > > this is the setup > > ____bsd.box > / > _______ / > | |___eth1 dmz ______linux.box > eth0 ___| FW | > wan | | > |______|___eth2 lan > > > first 'trafic' is all services such as ftp, http, etc > > what i was thinking that all the trafic going to Example.bsd.com > domaine would go to ip on eth0 and then get sent to the private > ip of bsd box. same w/ linux
In order to do that you need a public routable ips and dns. As I understand it you can't route to private ips from a public one, Unless... > but i was thinking how is it going to know what http, ftp trafic > goes to bsd unless an ip is involved, how can it tell bsd > from linux. your eth0 firewall could forward the ports to private boxes because to an outside ip it looks as if it were comming from the firewall itself. if your firewall was a linux box you could do this iptables -t nat -A PREROUTING --dst internet_ip -p tcp --dport 80 -j DNAT --to-destination BSD_ip or make your firewall completely transparent by doing this iptables -t nat -A PREROUTING --dst internet_ip -j DNAT --to-destination BSD_ip also if your behind the firewall you'll have to do this as well! iptables -t nat -A POSTROUTING -p tcp --dst internet_ip --dport 80 -j SNAT --to-source BSD_ip > i think what i'm looking at is a thing called one to one nat. > or maybe bridging. one to one nat is possibable here. It just means that you make your firewall redirect all ports to a lan server #make your firewall completely transparent by doing this iptables -t nat -A PREROUTING --dst internet_ip -j DNAT --to-destination BSD_ip Hope this helps ===== Ted Katseres ---------------- ------------------------ -------------------------------- __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/
