"Each of the clients are running a server on 56.1.x.4 which needs to
have a public IP (e.g. an SSL web server) therefore NAT of any kind
cannot be used. "
yes it can, you can use a DNAT rule fromt the real external ip to the
internal IP.
Something like this:
iptables -t nat -A PREROUTING -p tcp --dport 8000 -i $EXT_IFACE -j DNAT
--to 10.198.0.32:8000
maps port 8000 of the external tcp to internal address 10.198.0.32 port
8000 behind the linux router.
Lee W wrote:
> Peter Farrow wrote:
>
>> You might also find this useful....
>>
>> http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO-6.html
>>
>>
>
> Thanks for all the links, although I don't think they are what I'm after.
>
> What I'm trying to do is setup something which ( I guess) is something
> similar to that which an ISP may have. For example
>
> ISP External Interface = 55.20.0.2 / 255.255.0.0
> Client 1 external interface = 56.1.1.2 / 255.255.255.0
> Client 2 external interface = 56.1.2.2 / 255.255.255.0
>
>
> Each of the clients are running a server on 56.1.x.4 which needs to
> have a public IP (e.g. an SSL web server) therefore NAT of any kind
> cannot be used.
>
> The ISP central router is responsible for directing the packets at the
> correct client router with I guess some form of routing table (but I
> haven't got that far in my studyies yet).
>
> Hope this helps to clarify.
>
> Regards
>
> Lee
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
