Thanks for all your ideas...
> The sole purpose of the virtual guests in this solution is limited to
> providing three isolated network stacks that can communicate with the
> same ip unhindered. It's also achievable (and definitely less
> cumbersome) using kernel namespaces - part of lxc [1].
I'll have a look at lxc.
Anyway, conceptually the whole problem look very simple to me...
Ideally, I'd just need to apply the following pseudo-code that
overwrites the IP fields... isn't there a simple way to do this trick
with netfilter&c.?
// OUTPUT:
if(dst_ip == 10.1.0.1) {
rewrite dst_ip to 10.0.0.1
rewrite src_ip to 10.0.0.2
output on interface eth1
}
if(dst_ip == 10.2.0.1) {
rewrite dst_ip to 10.0.0.1
rewrite src_ip to 10.0.0.2
output on interface eth2
}
if(dst_ip == 10.3.0.1) {
rewrite dst_ip to 10.0.0.1
rewrite src_ip to 10.0.0.2
output on interface eth3
}
// INPUT:
if(input_interface == eth1 && src_ip == 10.0.0.1) {
rewrite src_ip to 10.1.0.1
rewrite dst_ip to 10.1.0.2
}
if(input_interface == eth2 && src_ip == 10.0.0.1) {
rewrite src_ip to 10.2.0.1
rewrite dst_ip to 10.2.0.2
}
if(input_interface == eth3 && src_ip == 10.0.0.1) {
rewrite src_ip to 10.3.0.1
rewrite dst_ip to 10.3.0.2
}
--
Giacomo "mino" Bernardi
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
