LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-11-2007, 07:38 PM   #1
bppilot
LQ Newbie
 
Registered: Sep 2007
Posts: 7

Rep: Reputation: 0
Question How can you make one IP address translate internally to another IP address?


First off, thanks for any help anyone can provide. I'm definitely stuck on this one and can't seem to figure it out myself.

I've got a bit of a unique (at least I think so!) situation that I'm hoping someone can shed some light on. After suffering a massive failure during a hosting company move, I decided to take my online webserver destiny into my own hands. I've got two idential systems, both running Red Hat Enterprise Linux ES release 4 (Nahant Update 5) and Plesk 8.2.0 with all of my domains on them. The drive from the first system was DD'd to the second system, so they are identical in every way. One is at my new hosting company, and I have one in-house as a backup.

Here's my issue:

On my primary box, I've got it set to copy all of the files nightly and update them on my backup server. This all works great to keeps my backup server up to date as an exact clone. The only problem lies in the IP address routing.

On my primary online box, I've got sites running on the following IP addresses (just for example, not the "true IP's"):
74.123.123.111
74.123.123.222

The network connection to my backup box actually has the IP's of:
192.168.123.245
192.168.123.246

These are virtual sites on the IP's. So, if I go to access my primary box at my hosting company, I can type in www.example.com and it translates to the right IP on the box and makes the connection.

If I go to access it on my in-house "backup" server, it doesn't work (I've added www.example.com 192.168.123.245 to my windows hosts file for this test) - I do see the "default" page for the IP itself though. So, I am able to access the web server, but the address translation doesn't take place properly to get me to the right virtual site on the internal IP.)

I know that I can go into the Plesk panel and change each and every sites IP address to the 192.168.123.245, but that's not a good solution since I've got hundreds of sites and each night box is being overwritten again with the "fresh" data including the server companies IP addresses.

Is there any way that anyone knows of where I can do something perhaps with the ROUTE command or other system I can automated with a perl script to make it so that on the backup system, anyone that goes to www.example.com (or whatever domain) on 192.168.123.245, it will translate and forward it to the what the in-house box thinks is 74.123.123.111.

Hopefully this makes sense what I'm looking to do. Again, I'm not sure if I can do this with the ROUTE command, or the IP TABLES, or even if it's possible. Any suggestions will be greatly appreciated!

Here's my current ROUTE table (192.168.123.254 is the gateway that this backup box is plugged into):

192.168.123.0 * 255.255.255.0 U 0 0 0 eth0
192.168.123.0 * 255.255.255.0 U 0 0 0 eth1
10.100.0.0 * 255.255.0.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
default 192.168.123.254 0.0.0.0 UG 0 0 0 eth0
 
Old 09-12-2007, 08:54 AM   #2
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,398
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
If I understand your question correctly, you've got absolute URLs embedded in your primary site documents, and these URLs point specifically at the primary site. If this is correct, it would seem that the optimal solution would be to translate those URLs to relative URLs. This will relieve you of the pain of any future migration from one IP to another.
--- rod.
 
Old 09-12-2007, 09:35 AM   #3
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,398
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Okay, your question intrigued me enough to do a little research, since it somewhat matches a requirement of my own. It seems to me that if the local clients route everything through a configurable router such as an iptables based linux host, then you should be able to DNAT the request packets that would be sent to the primary web server. The destination address would be translated to the local backup server, which would reply to the local client. The reply packets would need to be SNAT'ed, so they would appear to have originated at the primary server, and be properly handled upon receipt by the client.

Without being able to actually test it, I think you would want some iptables rules something like:
Code:
iptables -t nat -A PREROUTING -d 74.123.123.111:80 -j DNAT --to-destination 192.168.123.245:80
iptables -t nat -A POSTROUTING -s 192.168.123.245 -j SNAT --to-destination 74.123.123.111
This should make ALL HTTP traffic destined for the primary server redirect to the local backup.
Hopefully someone else skilled in the use of iptables can fill in any missing details or errors.

--- rod.

Last edited by theNbomr; 09-12-2007 at 09:37 AM.
 
Old 09-12-2007, 11:08 PM   #4
bppilot
LQ Newbie
 
Registered: Sep 2007
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks for the suggestion on this one. I've tried the above solution, but am seeing the error:

iptables v1.2.11: Need TCP or UDP with port specification

I'll do a little research on this end and see if I can find out what might be missing in the line. Feeling like I'm much closer to a solution though! Thanks
 
Old 09-13-2007, 12:08 AM   #5
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,398
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
Since I specified port 80, you need to add to each iptables command:
Code:
-p tcp
because HTTP uses TCP.

--- rod.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Router gateway address being picked up as primary DNS address under SuSe Hubmasterflex Linux - Networking 13 10-18-2008 01:40 PM
Single DHCP server ,to provide the ip address to a MAC address in two different subne alix123 Linux - Software 5 05-08-2007 11:16 PM
dhcp no ip address and netmask dont match route address pengy666 Linux - Wireless Networking 1 05-08-2005 09:33 AM
how to get ip address, broadcast address, mac address of a machine sumeshstar Programming 2 03-12-2005 04:33 AM
kppp not able to translate Domain Name to IP address Pico_01 Linux - General 1 02-25-2004 04:18 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:08 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration