LinuxQuestions.org


aigars 12-01-2010 07:52 AM

How multiple gateways on same network?
 
Hello!

I have 3 servers interconnected with IPs 192.168.150.1-3. The first two have an internet connection and the third server uses them as gateways. After googling and reading howtos I managed to get it working. The firewall for ssh on the first server is defined:
Code:

...
iptables -A EXTIN -p tcp --dport 23 -j ACCEPT
iptables -A FORWARD -p tcp -d 192.168.150.3  --dport 22 -j ACCEPT
iptables -t nat -A POSTROUTING  -d 192.168.150.3 -p tcp --dport 22 -j SNAT --to 192.168.150.1
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 23 -j DNAT --to 192.168.150.3:22
...

On the second server:
Code:

...
iptables -A EXTIN -p tcp --dport 23 -j ACCEPT
iptables -A FORWARD -p tcp -d 192.168.150.3  --dport 22 -j ACCEPT
iptables -t nat -A POSTROUTING  -d 192.168.150.3 -p tcp --dport 22 -j SNAT --to 192.168.150.2
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 23 -j DNAT --to 192.168.150.3:22
...


And on the third, the route is defined like this:
Code:

ip route add default scope global nexthop via 192.168.150.1 dev eth0 nexthop via 192.168.150.2 dev eth0

It works, but the problem is that connections on the third server are shown as connected from 192.168.150.1 or 192.168.150.2.

Is there any way to keep the original connection source address when connecting to 192.168.150.3?

Thanks in advance,
Aigars

tshikose 12-21-2010 10:08 AM

Hi,

I don't think you can achieve what you want, as it is exactly the purpose of NATing.

You can still add a logging line that matches the NATing one you want to keep trace of.

Regards,

Tshimanga.
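
The logging approach suggested above, as an added example that is not part of the original posts: a LOG rule with the same match as the thread's DNAT rule, plus a parser that recovers the original client address from the gateway's kernel log. The log prefix, the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. LOG_PREFIX and the sample log lines are assumptions, not from the thread.
LOG_PREFIX="SSH-DNAT: "

# Print the LOG rule that mirrors the thread's DNAT match (-i ppp0, tcp, dport 23).
# It is inserted (-I) so it sits ahead of the DNAT rule; LOG is non-terminating,
# so the packet still continues on to DNAT. The nat table is only consulted for
# the first packet of a connection, so this gives one log line per connection.
log_rule() {
    printf '%s\n' "iptables -t nat -I PREROUTING -i ppp0 -p tcp --dport 23 -j LOG --log-prefix \"$LOG_PREFIX\""
}

# Read kernel log lines on stdin. For every line carrying our prefix, print
# "<original client IP> <client source port>".
nat_log_sources() {
    awk -v p="$LOG_PREFIX" '
        index($0, p) {
            src = ""; spt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i ~ /^SPT=/) spt = substr($i, 5)
            }
            if (src != "") print src, spt
        }'
}

# Constructed sample of gateway kernel log output (documentation IP ranges).
sample_log() {
    cat <<'EOF'
Dec 21 10:12:01 gw1 kernel: SSH-DNAT: IN=ppp0 OUT= MAC= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP SPT=51544 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 21 10:12:09 gw1 kernel: OTHER: IN=ppp0 OUT= MAC= SRC=192.0.2.99 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=7 DF PROTO=TCP SPT=40000 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 21 10:15:30 gw1 kernel: SSH-DNAT: IN=ppp0 OUT= MAC= SRC=203.0.113.50 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=99 DF PROTO=TCP SPT=33012 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

log_rule
sample_log | nat_log_sources
```

SNAT keeps the client's source port when it is free, so the logged port can usually be matched against the port sshd records on 192.168.150.3 for the connection from 192.168.150.1 or 192.168.150.2.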

jefro 12-21-2010 04:31 PM

You may be able to run a proxy.pac file to decide the gateways.

