On July 4, 2004 11:58 pm, Redhat Enterprise wrote: > What i wanted to do was to have 2 web servers having > private IPs( Ex: 192.168.128.5 and 192.168.128.6 on > the 255.255.255.0 subnet). The hub connecting these > machines would be connected to my Linux firewall > machine. In other words the private IPs are the ones > that make my DMZ, I shall call this interface which is > connected to the DMZ as eth1. > What i want to do is redirect all requests to > 64.24.12.45 to 192.168.128.5 and 64.24.12.46 to > 192.168.128.6 at the moment i have no problem in doing > the natting and everything related to send/receive > from the 64.24.12.45. > What i thought was to have a virtual interface and > bind the other internet routable address to it, ex > eth0:0. What are my options? > Also how could i do the POSTROUTING SNAT if I cannot > use virtual in terfaces? > Hi, I'm not sure I understand your question. As I read it, you have 3 boxes, 2 acting as web servers and 1 as a firewall. They are connected via a hub. It looks like the fw has at least 2 nics, one for the internet and one for the dmz (web server area), and probably a 3rd for internal LAN. I am presuming a recent release of RH (say 8 or newer) You can add the static IP to the external ethernet by creating a "eth0:1" (not eth0:0). To do that manually, cp your /etc/sysconfig/network-scripts/eth0 to eth0:1. The edit the IP address and hard link it into /etc/sysconfig/networking/devices/ifcfg-eth0:1 and /etc/sysconfig/networking/profiles/default/ifcfg-eth0:1 Your postrouting should show something in the way (all one line): $IPTABLES -A POSTROUTING -t nat -p tcp -o $EXT_IF -s $WEB_SERVER_1 -j SNAT --to-source $EXT_IP_1 $IPTABLES -A POSTROUTING -t nat -p tcp -o $EXT_IF -s $WEB_SERVER_2 -j SNAT --to-source $EXT_IP_2 Hope that helps. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
