Re: [SOLVED] Re: ClusterIP and MAC NAT

On 11/08/10 10:36, Michele Codutti wrote:
Hello everyone, today I managed to NAT a multicast address of a clustered
IP. So I'm writing to the ML to keep track of the solution.

I'm glad that you got things working the way that you wanted them to.

Thank you for replying to the mailing list so that others can search the archives in the future.

The servers and the bridges all are Debian Lenny with only packaged
software, the router is a Cisco 7200 VXR.

*nod*

There are only 3 ebtables rules to do the trick:
   ebtables -t nat -A PREROUTING \
      --in-interface "$OUTERFACE" \
      --protocol arp \
      --arp-opcode Request \
      --arp-ip-dst "$ip" \
      --jump arpreply \
      --arpreply-mac "$UMAC_OUI:$MAC_EUI" \
      --arpreply-target DROP
   ebtables -t nat -A PREROUTING \
      --in-interface "$OUTERFACE" \
      --destination "$UMAC_OUI:$MAC_EUI" \
      --jump dnat \
      --to-destination "$MMAC_OUI:$MAC_EUI" \
      --dnat-target ACCEPT
   ebtables -t nat -A POSTROUTING \
      --out-interface "$OUTERFACE" \
      --protocol arp \
      --arp-opcode Request \
      --arp-ip-src "$ip" \
      --jump snat \
      --snat-arp \
      --to-source "$UMAC_OUI:$MAC_EUI" \
      --snat-target ACCEPT
Where:
 - $ip is the cluster ip shared by servers;
 - $OUTERFACE is the interface of the bridge connected
   on router ethernet segment;
 - $MMAC_OUI is the multicast OUI part of the MAC address;
 - $MMAC_OUI is the unicast OUI part of the MAC address;
 - $MAC_EUI is the final part of the MAC address.

Did you mean $UMAC_OUI for the unicast?

Special thanks to Grant Taylor.

I'd say you are welcome, but I didn't do anything other than point in a direction and say yes it could be done.



Grant. . . .
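
Added example, not part of the original posts: a dry-run shell helper that assembles the three ebtables rules quoted above from the thread's variables, after checking via the I/G bit of the first octet that the unicast and multicast MACs are what their names claim. The IP, interface and MAC values are constructed samples, and `valid_mac`, `is_multicast_mac` and `build_rules` are names chosen for this illustration.

```shell
#!/bin/sh
# Dry run: prints the three ebtables rules from the thread, runs nothing.
h='[0-9A-Fa-f][0-9A-Fa-f]'   # glob pattern for one hex octet

# valid_mac MAC: succeeds for six colon-separated hex octets.
valid_mac() {
    case $1 in
        $h:$h:$h:$h:$h:$h) return 0 ;;
        *) return 1 ;;
    esac
}

# is_multicast_mac MAC: succeeds if the I/G bit (lowest bit of the
# first octet) is set, i.e. the address is a group/multicast address.
is_multicast_mac() {
    [ $(( 0x${1%%:*} & 1 )) -eq 1 ]
}

# build_rules IP IFACE UMAC_OUI MMAC_OUI MAC_EUI (hypothetical helper)
build_rules() {
    ip=$1; outerface=$2; umac="$3:$5"; mmac="$4:$5"
    valid_mac "$umac" && valid_mac "$mmac" || {
        echo "error: malformed MAC: $umac / $mmac" >&2; return 1; }
    # The MAC handed to the router in ARP replies must be unicast.
    if is_multicast_mac "$umac"; then
        echo "error: $umac has the multicast bit set" >&2; return 1
    fi
    # The MAC the cluster nodes listen on must be multicast.
    if ! is_multicast_mac "$mmac"; then
        echo "error: $mmac is not a multicast MAC" >&2; return 1
    fi
    cat <<EOF
ebtables -t nat -A PREROUTING --in-interface $outerface --protocol arp --arp-opcode Request --arp-ip-dst $ip --jump arpreply --arpreply-mac $umac --arpreply-target DROP
ebtables -t nat -A PREROUTING --in-interface $outerface --destination $umac --jump dnat --to-destination $mmac --dnat-target ACCEPT
ebtables -t nat -A POSTROUTING --out-interface $outerface --protocol arp --arp-opcode Request --arp-ip-src $ip --jump snat --snat-arp --to-source $umac --snat-target ACCEPT
EOF
}

# Constructed sample values, not taken from the thread.
build_rules 192.0.2.10 eth0 00:00:5e 01:00:5e 7f:00:01
```

Review the printed commands before running them as root on the bridge.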