Accessing external IPs within the internal net when doing NAT


Hi People!


I have a problem with NAT under Linux 2.2.16.
My setup is two internal networks and a permanent connection to the 'net, all being routed with the Linux box. The servers are in one of the internal nets, and the office computers are in the other. Both internal networks use the 192.168.0.0/16 address space.

The problem is that our ISP gives us a direct connection to their LAN, and the IP addresses are not a subnet but part of their subnet, so the Linux box has to claim all those IPs. I found two solutions: ipvsadm and ip (policy routing and fast NAT).


But the two options lacked one essential thing: ** I need to access the real IPs of the servers from the internal net **

This isn't working (as I've found by tcpdumping), because when a packet destined to the real IP of the servers is translated and resent to the internal net, it reaches the server, but when the server answers, the answer goes directly to the client, so the IP of the server is the internal one (this is not what the client expected), so the connection doesn't occur.

Does anybody have any clue?

PS: I've found the ip util by accident; it isn't part of any distribution I know and it has only a few words in the NET_HOWTO. And I've found it very interesting and powerful!


Martin Ferrari
UNIX Administrator
Decidir.com
________________________________________
mailto:mferrari@decidir.net
Visit us at http://www.decidir.com
Decidir.com International Ltd.

***************** Internet Email Confidentiality Footer *******************
Privileged/Confidential Information may be contained in this message.
If you are not the addressee indicated in this message (or responsible
for delivery of the message to such person), you may not copy or deliver
this message to anyone.
In such case, you should destroy this message and kindly notify the
sender by reply email. Please advise us immediately if you or your
employer does not consent to using Internet email for messages of this
kind. Opinions, conclusions and other information in this message that
do not relate to the official business of my firm shall be considered
neither given nor endorsed by it.
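
The symptom described in the message above, a reply arriving from the server's internal address instead of the real IP the client dialed, can be picked out of a capture automatically. The following is an added example, not part of the original post: the addresses and capture lines are constructed, and the parser assumes the text format printed by a current `tcpdump -n`.

```python
import re

# Constructed tcpdump-style lines, as seen on the client side.
# 203.0.113.10 stands for a server's real IP, 192.168.1.10 for its internal
# address, 192.168.2.20 for an office machine (all values are made up).
SAMPLE_CAPTURE = """\
10:00:00.000001 IP 192.168.2.20.40000 > 203.0.113.10.80: Flags [S], seq 100, length 0
10:00:00.000412 IP 192.168.1.10.80 > 192.168.2.20.40000: Flags [S.], seq 900, ack 101, length 0
10:00:00.000430 IP 192.168.2.20.40000 > 192.168.1.10.80: Flags [R], seq 101, length 0
10:00:05.000001 IP 192.168.2.20.40001 > 192.168.1.10.22: Flags [S], seq 200, length 0
10:00:05.000390 IP 192.168.1.10.22 > 192.168.2.20.40001: Flags [S.], seq 950, ack 201, length 0
"""

LINE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]+)\]"
)

def find_untranslated_replies(capture):
    """Return (client, dialed, answered_from) for each SYN-ACK whose source
    address differs from the address the client actually dialed."""
    pending = {}   # (client_ip, client_port, server_port) -> dialed address
    findings = []
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, dst = m["src"], m["dst"]
        sport, dport, flags = int(m["sport"]), int(m["dport"]), m["flags"]
        if flags == "S":                       # client opens a connection
            pending[(src, sport, dport)] = dst
        elif flags == "S.":                    # a SYN-ACK comes back
            dialed = pending.pop((dst, dport, sport), None)
            if dialed is not None and dialed != src:
                # Reply was not rewritten back to the dialed address, so the
                # client's TCP stack has no matching connection for it.
                findings.append(
                    (f"{dst}:{dport}", f"{dialed}:{sport}", f"{src}:{sport}"))
    return findings

if __name__ == "__main__":
    for client, dialed, answered in find_untranslated_replies(SAMPLE_CAPTURE):
        print(f"{client} dialed {dialed} but was answered from {answered}")
```

The second connection in the sample dials the internal address directly and is answered from that same address, so it is not reported.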


