|
|
Sponsored Content
Operating Systems
Linux
IP Traffic forwarding
Post 302344622 by Anuradhai4i on Monday 17th of August 2009 07:01:48 AM
08-17-2009
IP Traffic forwarding
Hello All
I have the following setup of a network. Client machines sends requests to the server which is (192.168.1.50) running on Ubuntu server 8.04. And this server forwards all incoming traffic from clients to another server (192.168.1.100) when it's available. The availability is checked periodically using a shell script.
The following NAT rule has been given for the forwarding task.
Rule 1: Iptables -t nat -A PREROUTING -d 192.168.1.50 -j DNAT --to-destination 192.168.1.100
In the event 192.168.1.100 is unavailable the shell script will detect the unavailability and shift the traffic to 192.168.1.200. The current iptable rules are flushed and the following rule is applied.
Rule 2: Iptables -t nat -A PREROUTING -d 192.168.1.50 -j DNAT --to-destination 192.168.1.200
In the normal scenario when 192.168.1.100 is available the forwarding rule (Rule 1) works properly. The issue is when 192.168.1.100 is unavailable and the traffic is shifted to 192.168.1.200 the traffic is not forwarded properly as required. However when 192.168.1.50 is rebooted and Rule 2 is applied the
forwarding happened as required.
ARP cache and router cache was cleared as well but that did not
solve the issue. The issue was solved only after rebooting 192.168.1.50
Any idea that I can get this sone without rebooting 192.168.1.50 ?
Thank you in advance
Anuradha
I have the following setup of a network. Client machines sends requests to the server which is (192.168.1.50) running on Ubuntu server 8.04. And this server forwards all incoming traffic from clients to another server (192.168.1.100) when it's available. The availability is checked periodically using a shell script.
The following NAT rule has been given for the forwarding task.
Rule 1: Iptables -t nat -A PREROUTING -d 192.168.1.50 -j DNAT --to-destination 192.168.1.100
In the event 192.168.1.100 is unavailable the shell script will detect the unavailability and shift the traffic to 192.168.1.200. The current iptable rules are flushed and the following rule is applied.
Rule 2: Iptables -t nat -A PREROUTING -d 192.168.1.50 -j DNAT --to-destination 192.168.1.200
In the normal scenario when 192.168.1.100 is available the forwarding rule (Rule 1) works properly. The issue is when 192.168.1.100 is unavailable and the traffic is shifted to 192.168.1.200 the traffic is not forwarded properly as required. However when 192.168.1.50 is rebooted and Rule 2 is applied the
forwarding happened as required.
ARP cache and router cache was cleared as well but that did not
solve the issue. The issue was solved only after rebooting 192.168.1.50
Any idea that I can get this sone without rebooting 192.168.1.50 ?
Thank you in advance
Anuradha
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
I would like to set up an E-mail forwarding service like Netaddress whereby users would be able to create an E-mail account in my domain name and have all the mail sent to that account forwarded to an alternate address they specify.
I know that I can redirect mail sent to my domain using... (1 Reply)
Discussion started by: BigBro
1 Replies
2. IP Networking
Can anyone out there explain to me how to multi home a nic? I hate to say it but I'm a windows guy forced to learn Unix. The issue I currently have is I can't changed the ip on eth0, but in order to make it pingable by other servers I need to multi home the nic with a totally seperate Ip. Any help... (1 Reply)
Discussion started by: win2khater
1 Replies
3. UNIX for Dummies Questions & Answers
Hi, I'd like to forward my Emails from my domain to my gmx and web.de accounts. For example:
bla@blabla.de to bla@gmx.de
blabla@blabla.de to bla@web.de
How to do this ? I know that .forward forwards all emails to one account, but that's not what I want. (8 Replies)
Discussion started by: sai
8 Replies
4. UNIX for Advanced & Expert Users
Hi,
I have to install an application that has a built in tftp server. Tftp comes in on port 69. As i am not installing this application as a root user i am running into trouble because only the root user can listen to ports < 1024. So changing the port i listen to to one greater than 1023 isn't... (1 Reply)
Discussion started by: imloaded24_7
1 Replies
5. UNIX for Advanced & Expert Users
Hi
I want to set up port forwarding from one network to another network. I already have this configured on the Linux box using iptables.
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 1521 -j DNAT --to 10.218.146.230
iptables -A FORWARD -p tcp -i eth1 -d 10.218.146.230 -j ACCEPT
... (2 Replies)
Discussion started by: slash_blog
2 Replies
6. Solaris
Hello everybody,
I have solaris 10 running on SF v890, I need to forward some sepecific root mails resulted from some application, (or all root mails) to other machine running Solaris 10 also.
does it have anything to do with mail relay, or just change the log settings???
Thanks in Advance... (1 Reply)
Discussion started by: aladdin
1 Replies
7. Cybersecurity
Hi,
from my workplace we use a proxy to connect to the outside world, including external ssh servers.
The problem is that the server is seeing the connection coming from the proxy and knows nothing about the client behind it. The ssh connection itself works fine, but x-forwarding does not work as... (1 Reply)
Discussion started by: vampirodolce
1 Replies
8. AIX
X Forwarding has quit working on only 2 of our AIX Servers.
ssh -X -vvv host
That shows it requesting the X11 forward auth spoofing.
No errors.
echo $DISPLAY shows the display variable
However when I execute xclock.... nothing... Kinda like it just hangs and for some reasons it does... (1 Reply)
Discussion started by: Gibby13
1 Replies
9. UNIX for Dummies Questions & Answers
Hi all. I'm not sure I'm posting this in the correct forum. Let me know if I should move it.
I'm trying to setup a downstream router. I have a fairly standard gateway box that provides NAT, DCHP, etc. I want to add another router for QOS.
I'd like to go from the gateway to the QOS box, then... (2 Replies)
Discussion started by: Thorgear
2 Replies
10. IP Networking
With the following machines...
Server 1: PPTP client windows; Public IP: 1.1.1.1
Server 3: PPTP server centos6; Public IP: 3.3.3.3
Connecting VPN server3 from server1 works correctly!
Goal is to have a middle server forwarding traffic in both ways
Server 1: PPTP client windows; Public IP:... (0 Replies)
Discussion started by: pedroz
0 Replies
LEARN ABOUT SUSE
ifndp-proxy
IFNDP-PROXY(5) Network configuration IFNDP-PROXY(5) NAME
ifndp-proxy[-<interface name>] - IPv6 NDP and IPv4 ARP proxy entries SYNOPSIS
/etc/sysconfig/network/ifndp-proxy /etc/sysconfig/network/ifndp-proxy-<interface name> DESCRIPTION
These files contain IPv6 NDP and IPv4 ARP proxy settings, that should be applied using the ip neigh add proxy command documented in the ip(8) manual page that provides a common interface for IPv4 and IPv6. The NDP/ARP proxy is required, e.g. when IP addresses from the same subnet have to be used on the interface of the host as well as on interfaces behind a (tunnel) interface and using a bridge is not an option. Don't forget to enable forwarding and the NDP/ARP proxy by setting net.ipv6.conf.<all|default|interface name>.proxy_ndp = 1 net.ipv6.conf.<all|default|interface name>.forwarding = 1 and/or net.ipv4.conf.<all|default|interface name>.proxy_arp = 1 net.ipv4.conf.<all|default|interface name>.forwarding = 1 or net.ipv4.ip_forward = 1 either as global all setting in the /etc/sysctl.conf file or using the ifsysctl(5) files, that allow per-interface setup. Forwarding can be also enabled in the /etc/sysconfig/sysctl file using the IP_FORWARD and IPV6_FORWARD variables. The proxy entries are added and deleted using the if-{up|down}.d/ndp-proxy script, every time after an involved interface has been set up or down. SYNTAX
The format of the ifndp-proxy file is: <address> <address interface> <proxy interface list> The format of the ifndp-proxy-<address interface> file is same to above, but allows also to omit the address interface by using a "-" as placeholder inside of the file, because it is already available in the file name: <address> <address interface | -> <proxy interface list> Lines beginning with # and blank lines are ignored. Each line defines to add a proxy NDP/ARP entry with the address of or behind address interface to all interfaces in the proxy interface list. EXAMPLES
Let's assume, your machine is connected via eth0 to a switch with the networks 2001:db8:abba::/64 and 192.168.100.1/24 and is using the IP address 1 itself. You'd like to use the addresses 11 and 12 e.g. for virtual machines behind the tap1 and tap2 interface, that is: 2001:db8:abba::1/64 -- local eth0 address 2001:db8:abba::11/64 -- address behind tap1 2001:db8:abba::12/64 -- address behind tap2 192.168.100.1/24 -- local eth0 address 192.168.100.11/24 -- address behind tap1 192.168.100.12/24 -- address behind tap2 then set up the following entries in the ifndp-proxy file: 2001:db8:abba::1 eth0 tap1 tap2 2001:db8:abba::11 tap1 eth0 tap2 2001:db8:abba::12 tap2 eth0 tap1 192.168.100.1 eth0 tap1 tap2 192.168.100.11 tap1 eth0 tap2 192.168.100.12 tap2 eth0 tap1 additionally to the routing entries in the routes or ifroute-<interface name> files. BUGS
Please report bugs at <https://bugzilla.novell.com/> AUTHOR
Marius Tomaschewski <mt@suse.de> SEE ALSO
ifup(8) ifcfg(5) ifsysctl(8) sysconfig December 2009 IFNDP-PROXY(5)