LinuxQuestions.org
Old 05-24-2006, 06:45 PM   #1
MarleyGPN
Member
 
Registered: Apr 2003
Location: Vail, CO
Posts: 73

Rep: Reputation: 15
Map public IP through Linux rather than 1:1 DNAT


Hi there,
I have a dedicated server with 1&1. I have ordered multiple ip addresses. What I have now is a 1:1 DNAT map. Each public ip address that is aliased to eth0 is mapped to one private ip address.

This is my iptables nat table to clarify what I mean.


Chain PREROUTING (policy ACCEPT 314K packets, 153M bytes)
pkts bytes target prot opt in out source destination
3434 770K DNAT all -- * * 0.0.0.0/0 82.165.145.165 to:10.216.228.217
2764 704K DNAT all -- * * 0.0.0.0/0 82.165.145.141 to:10.216.228.200
2713 708K DNAT all -- * * 0.0.0.0/0 82.165.145.140 to:10.216.228.216
107K 6548K DNAT all -- * * 0.0.0.0/0 82.165.152.106 to:10.216.228.218

Chain POSTROUTING (policy ACCEPT 109K packets, 6653K bytes)
pkts bytes target prot opt in out source destination
115K 5004K SNAT all -- * * 10.216.228.218 0.0.0.0/0 to:82.165.152.106
0 0 SNAT all -- * * 10.216.228.216 0.0.0.0/0 to:82.165.145.140
0 0 SNAT all -- * * 10.216.228.200 0.0.0.0/0 to:82.165.145.141
0 0 SNAT all -- * * 10.216.228.217 0.0.0.0/0 to:82.165.145.165


Chain OUTPUT (policy ACCEPT 20426 packets, 1350K bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT all -- * * 0.0.0.0/0 82.165.145.165 to:10.216.228.217
0 0 DNAT all -- * * 0.0.0.0/0 82.165.145.141 to:10.216.228.200
0 0 DNAT all -- * * 0.0.0.0/0 82.165.145.140 to:10.216.228.216
2 168 DNAT all -- * * 0.0.0.0/0 82.165.152.106 to:10.216.228.218




These are my public IPs, all aliased to eth0


eth0:1 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.152.106 Bcast:82.165.152.106 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:2 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.140 Bcast:82.165.145.140 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:3 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.141 Bcast:82.165.145.141 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:4 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.165 Bcast:82.165.145.165 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:5 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.188 Bcast:82.165.145.188 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:6 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.189 Bcast:82.165.145.189 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:7 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.206 Bcast:82.165.145.206 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:8 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.207 Bcast:82.165.145.207 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18


What I would like to do is map the actual IP address to the computers behind the Linux router rather than using NAT to map them 1:1. I have spent all day on Google reading about proxy ARP. Even with that information I haven't figured out how to set this up. I can't bridge the connection because 1&1 disables the connection if it sees more than one MAC address on eth0. So all these IP addresses have to look like they are coming from the dedicated server using its MAC address rather than the computers behind it.


Thank you,
MarleyGPN
 
Old 05-24-2006, 06:53 PM   #2
MarleyGPN
Member
 
Registered: Apr 2003
Location: Vail, CO
Posts: 73

Original Poster
Rep: Reputation: 15
Forgot to post the route table. 10.255.255.1 is the default gw for all those public IP addresses. That's the part that is complicating it for me.

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.255.255.1 * 255.255.255.255 UH 0 0 0 eth0
10.216.228.0 * 255.255.255.0 U 0 0 0 br0
loopback * 255.0.0.0 U 0 0 0 lo
default 10.255.255.1 0.0.0.0 UG 0 0 0 eth0
 
Old 05-25-2006, 01:58 AM   #3
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
What's the output of ifconfig ?
 
Old 05-25-2006, 12:59 PM   #4
MarleyGPN
Member
 
Registered: Apr 2003
Location: Vail, CO
Posts: 73

Original Poster
Rep: Reputation: 15
Hi there,

This is the output from ifconfig. eth0 is the connection to 1&1; the aliases are for the additional IP addresses. Tap0 is my layer 2 OpenVPN tunnel that is connected to my network back home. What I would like to do is assign these IP addresses, except the one on eth0, directly to my computers back home on the other side of that tunnel. The easiest way of doing this would have been to bridge eth0 to tap0. But 1&1 automatically boots me off their network if they see any other MAC address than the one on eth0. The only thing I could think of is proxy ARP. I have been studying it for the past week, and haven't managed to figure out how to implement it with my setup. Especially with that weird default gateway 1&1 uses.

eth0 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.183.194 Bcast:82.165.183.194 Mask:255.255.255.255
inet6 addr: fe80::213:20ff:fe12:6ac7/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6529879 errors:0 dropped:0 overruns:0 frame:0
TX packets:8226090 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2727637214 (2601.2 Mb) TX bytes:1951916005 (1861.4 Mb)
Interrupt:18

eth0:1 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.152.106 Bcast:82.165.152.106 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:2 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.140 Bcast:82.165.145.140 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:3 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.141 Bcast:82.165.145.141 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:4 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.165 Bcast:82.165.145.165 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:5 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.188 Bcast:82.165.145.188 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:6 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.189 Bcast:82.165.145.189 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:7 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.206 Bcast:82.165.145.206 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

eth0:8 Link encap:Ethernet HWaddr 00:13:20:12:6A:C7
inet addr:82.165.145.207 Bcast:82.165.145.207 Mask:255.255.255.255
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:11167 errors:0 dropped:0 overruns:0 frame:0
TX packets:11167 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:897640 (876.6 Kb) TX bytes:897640 (876.6 Kb)

tap0 Link encap:Ethernet HWaddr 5E:EB:DA:0F:3B:CF
inet addr:10.216.228.201 Bcast:10.216.228.255 Mask:255.255.255.0
inet6 addr: fe80::5ceb:daff:fe0f:3bcf/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:227117 errors:0 dropped:7 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:13531973 (12.9 Mb)
 
Old 05-27-2006, 12:36 AM   #5
MarleyGPN
Member
 
Registered: Apr 2003
Location: Vail, CO
Posts: 73

Original Poster
Rep: Reputation: 15
Anyone have any ideas? Still haven't had any luck with my search.
 
Old 05-27-2006, 12:47 AM   #6
javaroast
Member
 
Registered: Apr 2005
Posts: 131

Rep: Reputation: 19
Uh, connect a switch between the Linux router and the other boxes. Set the IPs on each of the others, using the Linux box as their gateway.
 
Old 05-27-2006, 03:39 AM   #7
MarleyGPN
Member
 
Registered: Apr 2003
Location: Vail, CO
Posts: 73

Original Poster
Rep: Reputation: 15
The Linux box is at a co-location. I need to tunnel those IPs through. I need a way of doing it without bridging. If I bridge they knock me off their network the second they see another MAC address other than the one assigned to my NIC.
 
Old 05-28-2006, 12:17 AM   #8
MarleyGPN
Member
 
Registered: Apr 2003
Location: Vail, CO
Posts: 73

Original Poster
Rep: Reputation: 15
Hi there,

Well, I started playing around with the routing tables and finally got it to work. It is a complete mess and there are probably security holes everywhere. But it works. Now all I have to do is clean it up a bit, and fix any security holes I see.

Thanks,
MarleyGPN
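
The thread does not show the final configuration. As an added example (not from any poster), this dry-run script turns the 1:1 DNAT lines from the first post into a routed proxy-ARP plan with a default-deny FORWARD chain, printing the commands instead of running them. Assumptions: the provider finds the extra IPs by ARP on eth0, the remote hosts carry the public IPs and use this box as gateway over tap0, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: build a dry-run plan for routing the public IPs through
# the box instead of 1:1 NAT. Nothing here changes the running system.

WAN_IF=eth0   # provider-facing interface (from the thread)
LAN_IF=tap0   # tunnel interface (from the thread); assumed to reach the hosts

# Constructed sample: two PREROUTING lines copied from the first post.
SAMPLE='3434 770K DNAT all -- * * 0.0.0.0/0 82.165.145.165 to:10.216.228.217
2764 704K DNAT all -- * * 0.0.0.0/0 82.165.145.141 to:10.216.228.200'

# Read `iptables -t nat -L PREROUTING -n -v` lines on stdin and print
# one "public private" pair per DNAT rule; headers are skipped.
dnat_pairs() {
    awk '$3 == "DNAT" && $NF ~ /^to:/ { sub(/^to:/, "", $NF); print $(NF-1), $NF }'
}

# Print the commands for the routed setup, for review before running.
routed_plan() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    # The box answers ARP on the WAN side with its own MAC, so the
    # provider never sees a second MAC address (the bridging problem).
    echo "sysctl -w net.ipv4.conf.$WAN_IF.proxy_arp=1"
    # Without NAT the remote hosts are directly reachable: start from
    # default-deny and allow only replies; open inbound ports per service.
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    dnat_pairs | while read -r pub priv; do
        # Remove the old 1:1 mapping in all three nat chains.
        echo "iptables -t nat -D PREROUTING -d $pub -j DNAT --to-destination $priv"
        echo "iptables -t nat -D OUTPUT -d $pub -j DNAT --to-destination $priv"
        echo "iptables -t nat -D POSTROUTING -s $priv -j SNAT --to-source $pub"
        # The address stops being local and becomes a host route to the tunnel.
        echo "ip addr del $pub/32 dev $WAN_IF"
        echo "ip route add $pub/32 dev $LAN_IF"
        # Anti-spoofing: only the assigned public source may leave the tunnel.
        echo "iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $pub -j ACCEPT"
    done
}

printf '%s\n' "$SAMPLE" | routed_plan
```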
 
  

