Hi,
I'm running a Debian 2.2r2 on a university server with 3 public IPs on one
ethernet card (but soon we will have three cards).
There's a tunnel (implemented with vtund on a tun interface with local
address 192.168.1.10 and remote 192.168.1.20) from this server to another
server without a public IP and behind a router.
I wanted to make the second server visible to the world, so I reserved one of
the three public IP addresses (say 111.111.111.111, 111.111.111.112 and
111.111.111.113) for the job and I made an ipmasqadm portfw rule to redirect
incoming packets on 111.111.111.111 port 80 to the remote address of the
tunnel interface (192.168.1.20).
Things are running. Packets are redirected from the public address to the
private one and then, via the tun interface, reach the "private server".
BUT packets are arriving un-masqueraded, that's to say with the address of
the host that requested the connection.
So to get things working I have to set the public server as default route on
the masqueraded one, which is not so good for me, 'cause the masqueraded
server acts as gateway for a sub-net and I don't want all the traffic being
routed on the tunnel interface.
I think that the right way is to get packets masqueraded by the public
server with its tunnel address, so that the masqueraded server will know
where to send packets back.
Any suggestion is really welcome.
To explain better than my English can, I add here some rules and info.
HOST A                                HOST B
--------                              --------
eth0               tun1               tun1            eth0
111.111.111.111    192.168.1.10       192.168.1.20    172.20.32.1
eth0:1
111.111.111.112
HOST A
#masq what is coming from HOST B
ipchains -A forward -s 192.168.1.20/32 -d 0.0.0.0/0 -j MASQ
#masq what goes to HOST B
#ipchains -A forward -s 0.0.0.0/0 -d 192.168.1.20/32 -l -j MASQ
#redirect
ipmasqadm portfw -a -P tcp -L 111.111.111.111 80 -R 192.168.1.20 80
HOST B
#172.16.32.1 #ROUTER/GATEWAY OF THE LAB
#how to reach the public end of the tunnel
route add -host 111.111.111.112 gw 172.16.32.1
Thanks,
gianpaolo
--
gianpaolo racca
gianpaolo@preciso.net
http://www.preciso.net
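
The return-path problem described in the message above, modelled as an added example (not part of the original post): a longest-prefix route lookup on host B for each of the three situations the post mentions. The client and "elsewhere" addresses are constructed, and host B's default route via the lab router is an assumption.

```python
import ipaddress

CLIENT = "203.0.113.7"        # constructed client address (documentation range)
ELSEWHERE = "198.51.100.9"    # constructed destination of unrelated subnet traffic

# Host B's routing table: the tunnel peer and the host route are from the post;
# the default route via the lab router is an assumption.
HOST_B = [
    ("192.168.1.10/32", "tun1"),      # tunnel peer (host A's tunnel address)
    ("111.111.111.112/32", "eth0"),   # route add -host ... gw 172.16.32.1
    ("0.0.0.0/0", "eth0"),            # assumed default: gw 172.16.32.1
]

def out_dev(routes, dst):
    """Longest-prefix match: interface host B uses to send a packet to dst."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(n), dev) for n, dev in routes]
    best = max((m for m in nets if addr in m[0]), key=lambda m: m[0].prefixlen)
    return best[1]

def with_default(routes, dev):
    """Copy of the table with the default route moved to another interface."""
    return [r for r in routes if r[0] != "0.0.0.0/0"] + [("0.0.0.0/0", dev)]

def scenarios():
    tunnel_default = with_default(HOST_B, "tun1")
    return {
        # portfw rewrites only the destination, so B answers the client's real
        # address; the reply leaves via eth0, bypasses host A and is never
        # rewritten back to 111.111.111.111.
        "portfw_only_reply": out_dev(HOST_B, CLIENT),
        # Workaround from the post: replies return through A, but so does
        # everything else host B forwards for its subnet.
        "workaround_reply": out_dev(tunnel_default, CLIENT),
        "workaround_other": out_dev(tunnel_default, ELSEWHERE),
        # What the post asks for: A rewrites the source to 192.168.1.10, so B
        # answers the tunnel peer and other traffic keeps the normal default.
        "masq_source_reply": out_dev(HOST_B, "192.168.1.10"),
        "masq_source_other": out_dev(HOST_B, ELSEWHERE),
    }

if __name__ == "__main__":
    for name, dev in scenarios().items():
        print(f"{name:20} -> {dev}")
```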