LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 12-19-2006, 10:37 PM   #1
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Rep: Reputation: 30
Allowing Internal Servers to access internet


Hi guys,

currently my webservers are connected to the DB a private LAN. Am I able to let my DB use the webserver as a gateway so that I can allow it to sync time with internet and grab updates. Or is there a way I can let my DB sync time with the web servers?

Currently its:

Gateway ------- Web Server ------- DB

Thanks!
 
Old 12-20-2006, 02:09 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
if time syncing, i.e. ntp is the *only* thing you want to do then i'd suggest just running an ntp server on the web server box. if you do want more direct access to the great huge interweb, then you can either configure a squid proxy on the web server for just web browsing and such, or enable ip forwarding (and probably also masquarading) on the server to make it route traffic for you.
 
Old 12-20-2006, 08:17 PM   #3
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by acid_kewpie
if time syncing, i.e. ntp is the *only* thing you want to do then i'd suggest just running an ntp server on the web server box. if you do want more direct access to the great huge interweb, then you can either configure a squid proxy on the web server for just web browsing and such, or enable ip forwarding (and probably also masquarading) on the server to make it route traffic for you.

Hmmm...

Well, first and foremost the time sync is the key factor so I suppose that's the ntp option. But does it load the server? I suppose not yah? is there a quick how-to for it?


But a connection to the internet will be great as my servers are running RHEL and it needs to grab updates. So what methods do you recommend? Is NAT required?
 
Old 12-21-2006, 02:57 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
rhel installs the ntp server by default, should be fairly simple, this gentoo guide looks useful http://gentoo-wiki.com/HOWTO_NTP

NAT depends on your architecture. your internet connection itself is presumably already doing NAT, so in the wider world you don't need to. you should just be able to enable standard ip forwarding on the box, and put a route on the internet routing traffic to the network behind your front server through it explicitly (assuming it's on the same subnet as this gateway server).
 
Old 04-20-2007, 04:52 AM   #5
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
hi guys... i revisited this problem.. and i tried enabling ip_forwarding on the "web server". the webserver gateway is already properly set.

I then set my db gateway to this webserver, which has ip_forwarding enabled (via sysctl)

but still it doesn't work. one thing interest though is that when I ping a public address from the db, it doesn't even show me "Destination not reachable". it shows me nothing. seems to be waiting for something, which leads me to think... should I install some NAT software on the "web server" so as to let it know how to route traffic back?

Thanks!
 
Old 04-20-2007, 06:29 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,345

Rep: Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945Reputation: 1945
well thsi all depends on your topology. inside your own network you should have enough intelligence in terms of routers and such to not need nat. your routers should know how to route the traffic back, and the ability to do that removes the need to NAT ip addresses. you should really only ever be looking towards using NAT when transisitoning between private and public ip address spaces, never within your own private network unless you specifically have a need to, which you should not here.
 
Old 04-20-2007, 10:23 PM   #7
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
Basically, other than NTP (which I have not try to set the server on one of my web server - i just thought I want to try out this first), I'm hoping to get my internal servers (dB, fileserver etc) so be able to resolve public addresses so as to grab updates via internet (RedHat Network etc).

My infrastructure do not have a router. We are just given an uplink by the datacenter for our bandwidth, which acts as our gateway.

So other than my front-end servers (web servers) and load balancer, the servers at the back can't access the net, and that is what I am trying to achieve...

does it make sense? otherwise, I'm really just trying to find out if it is possible
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking specific websites, but allowing internet access poiuytrewq Linux - General 6 08-31-2006 11:45 PM
I want to setup a dial up with access to the internal network and internet depam Linux - Software 2 05-02-2006 07:21 AM
Ndiswrapper for internal wireless No internet but can Access Router slag02 Suse/Novell 1 04-01-2006 02:21 PM
Problem with setting up internal internet access Red HamsterX Linux - Networking 4 03-03-2004 11:05 PM
LAN internal mailserver no internet access guanyu Linux - Networking 8 11-14-2002 11:44 PM


All times are GMT -5. The time now is 03:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration