Hi,
This is a question for experts, I guess:
I have two machines A and B. Both are on the Net, with A-public-IP and
B-public-IP. But B is not allowed to accept any connections from the Net
(from public) on B-public-IP (except for a VPN ssl-VPN connection from
machine A). Machine A is allowed to accept any connections, but it doesn't
have the software needed to properly respond to the incoming TCP or UDP
requests. So it needs to forward *all* (except for SSH port) incoming
traffic requests to machine B. (I already have a ssl-pppd-based VPN
tunneling from private network traffic between A and B).
How do I configure Linux-2.4.x + ipchains + whatever (do I need any
other software?) on these two machines A&B, to be able to:
1. originate ftp/http/telnet/ssh connections from machineA's A-public-IP
to the Net.
2. any requests incoming into machineA+A-public-IP forward to machineB's
A-public-IP, process and respond back on machineB's A-public-IP,
forwarding back to machine A, coming out of machineA's A-public-IP to the
requestor on the net. ( The reason why I need A-public-IP on machine B is
because the protocols that B handles, sometimes include in their payload
the IP and port of the machine processing the requests, which has to be
A-public-IP, because the client would then contact that IP in the payload,
and only machine A is allowed to accept connections from public.)
Another way to say this is : Machine A forwards *all* incoming TCP & UDP
traffic to the same IP on machine B. Except that A has to be able to
accept port 22 from the Net and originate ftp/http/telnet/ssh connections
onto the Net through A-public-IP.
How do I need to configure A & B ? (ipchains ? ip route ? dummy
interfaces ? ppp interfaces ? )
Thanx in advance,
*all* comments on this topic are welcome !
Jan
PS: I didn't find this in the HOWTO, I guess this kind of setup is quite
rare.
PS2: Under this kind of setup, a machine C on the net could
contact ftp://A-public-IP/, and it would be machine B (*not* machine A),
which would be running the FTP server. And all the FTP modes that would
work on machine A would work under the setup I'm seeking to establish.
--
-- Gospel of Jesus is the saving power of God for all who believe --
## To some, nothing is impossible. ##
http://Honza.Vicherek.com/
This archive was generated by hypermail 2b29 : Tue Jul 31 2001 - 21:01:00 EST