A->B->C network setup? Feroda + Solaris :(

balmark · 07-01-2010, 04:32 AM

Hi,

I've come across this problem involving a linux and solaris machine

I'm a little stumped, I've 3 machines
Server A running Fedora -> Server B running Solaris -> Server C (no idea)

I've got root on server A and B but no access at all on server C.

A can connect to B and B can connect to C
They're all on different networks ..

A connects to B through its gateway and B through its gateway to C, there all on different ip ranges completely (like A 192.168.0.2, B 10.10.1.2 and C 4.5.6.7)

There's no direct route from A to C

I can setup a ssh tunnel and connect through a port on B that passes through to C with
ssh -L 2222:4.5.6.7:2222 me@10.10.1.2

but this isn't anyway permenant

Does anyone know how I can set everything up, so I can telnet from A and get to C? I tried using ipnat and ipf on the solaris server b, but I'm not sure what the problem is.. do I need to set something up for the return journey C -> A? are these socks? if I open a TCP connection, does C need to be able to ack back somehow to A? if so, does this happen on any port (possibly to setup some sort of routing?)?
Does all the setup need to be done on server A or server B?

As you can see, I'm clueless and could really use some help

nutshell: I need to get to tcp port 2222 on server C from server A

Kindest regards,

Bal

balmark · 07-01-2010, 04:58 AM

Another gotcha, I don't have physical access to the A or B, so I can't mess about too much incase I lose my own connection
and I've to go from A to B to access B, so I can't pass ALL traffic from A to B through to C and vica vesa

Currently my ipnat is (and when I try telnet serverB port 2222 from server A the active session is below, it just times out on serverA)

# ipnat -l
List of active MAP/Redirect filters:
rdr e2g0 10.10.0.0/16 port 2222 -> 4.5.6.7 port 2222 tcp

List of active sessions:
RDR 4.5.6.7 2222 <- -> 10.10.1.2 2222 [192.168.0.2 59772]

fancylad · 07-04-2010, 11:27 AM

how would server A know to use server B if it wanted to get to server C? you should provide us with server A and B's routing tables.

balmark · 07-06-2010, 04:24 AM

I was thinking server A might need to connect to server B on some port and server B would act as a go-between to get to server C?

server A ( telnet serverB 2222 ) would connect to serverB, server B would pass everything onto serverC that is receives on port 2222 ?
The return wouldn't be as easy I think, since I cant do anytthing with serverC, it'd ack to serverB? on some random port? no way to pass that onto serverA?

I'm sorry, I'm not all that clued up on this stuff, I'm assuming that a telnet will return an ack but that it'd be on some random port like 50034.

Is this possible? I can do it ok with ssh, but that's not a permenant solution

links can drop and wouldn't be reconnected etc.

nimnull22 · 07-06-2010, 05:00 AM

You have to tell server B which interface server C is connected or through which it can be reached, also you have to state in routing table where and what send to for server C and server B has to be configured like "forwarder", also you have to use SNAT to masquerade packets IP for server C.
A lot to do.