LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-12-2019, 09:29 AM   #1
mike8610
LQ Newbie
 
Registered: Jan 2019
Posts: 1

Rep: Reputation: Disabled
Unhappy Port forwarding from public IP to internal (Proxmox via vmbr0 & vmbr1).


Hi Guys,

My first post here Hopefully I will learn a lot


I have an issue.

I have a proxmox with 1 public IP.

Public ip is connected to VMBR0

I have also VMBR1 which supposed to provide connectivity for all VM's (10.0.0.0/8)


Now I was trying to find a solution on Proxmox forum, but ended up with HAProxy.

Unfortunately HAProxy doesn't support UDP (Galera Cluster), so I have to find a solution to redirect any port from public IP to any port on internal network.


Let's say:

vmbr0 - IP 99.99.99.99
vmrb1 - IP 10.0.254.1/8 (bridge to vmbr0)

VM is using eth0 that is 10.1.1.1/8


HAProxy redirect ports just fine, but I need a solution to redirect any type of packet.

HAProxy I want to use strictly to redirect traffic between servers using their public IP & specific port for specific application / service / api.




Here is my config



auto lo
iface lo inet loopback

iface enp1s0 inet manual

iface enp2s0 inet manual

auto vmbr0
iface vmbr0 inet static
address 111.125.121.24/24
gateway 111.125.121.24
bridge-ports enp1s0
bridge-stp off
bridge-fd 0


auto vmbr1
iface vmbr1 inet static
address 10.254.1.2
netmask 255.0.0.0
bridge-ports vmbr0
bridge-stp off
bridge-fd 0


post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '10.0.0.0/8' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.0.0/8' -o vmbr0 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -p tcp -d 111.125.121.24 --dport 4344 -i vmbr0 -j DNAT --to-destination 10.1.1.2:22
post-down iptables -t nat -A POSTROUTING -p tcp -d 111.125.121.24 --dport 4344 -j SNAT --to-source 10.1.1.2
# post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 6022 -j DNAT --to 10.1.1.2:22
# post-down iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 6022 -j DNAT --to 10.1.1.2:22

Last edited by mike8610; 01-12-2019 at 09:57 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
brctl showmacs vmbr0 vincix Linux - Virtualization and Cloud 0 03-29-2018 08:45 PM
Forward from 1 public ip:port to another public ip:port on another machine Dan666 Linux - Security 1 11-28-2015 07:13 PM
Port Forwarding - Refer Traffic From Port 8000 to another internal IP deepGC Linux - Newbie 3 10-10-2015 04:17 PM
Setup Debian with 2 Nics and two public IP`s but one gateway - Proxmox-Related MrBrown997 Linux - Networking 2 12-05-2014 06:12 PM
Gotta love those ٱٱٱٱٱٱٱ&# iLLuSionZ Linux - General 5 11-18-2003 08:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration