[ale] iptables redirect

Chris Fowler cfowler at outpostsentinel.com
Thu Aug 6 14:20:25 EDT 2009


This issue I ran into is that they have 2 links into my 2900 switch.  I
tried to use aliasing but I need a system where the same machine has two
default gateways.  I have about 7 machines to convert over.

I think what I'll try is iproute and setup a system with two nics and
each nic with its own gateway.  I'm testing that idea now by install
CentOS 5.3 on my vmserver host.  I've added two network interfaces from
the same bridged interface from the host.  If this works then for my
guests I can just shut them down, add another interface and make this
work.  For the real servers I'll have to try something like the iptables
trick.


On Thu, 2009-08-06 at 12:07 -0600, JK wrote:
> Chris Fowler wrote:
> > Is is possible to use iptables to redirect from one server to another.
> 
> 
> Sure.
> 
> iptables -t nat -I PREROUTING -i $ETH_INGRESS -d $ORIG_DEST_IP -j DNAT --to-dest $NEW_DEST_IP
> 
> As long as the machine handling the packet knows how to route traffic
> to NEW_DEST_IP, you should be OK.  You'll probably also need to SNAT
> that traffic, though, unless the NEW_DEST_IP machine's route back to
> the original source passes through the machine you're installing the
> iptables rule on:
> 
> iptables -t nat -I POSTROUTING -o $ETH_EGRESS -d $NEW_DEST_IP -j SNAT --to-dest $MY_IP
> 
> -- JK
> 
> 
> 
> > Here is the issue.
> > 
> > We have a new address range.  I now have two sets of public addresses.
> > I need to release the old set.  I have many devices programmed to go to
> > the old IP.  Can I create an iptables rule on 65.254.217.212 to redirect
> > to 74.113.143.4 ?  Any request to the old server will be sent to the new
> > server.  After I reprogram the devices then I'll relinquish the old
> > address.
> > 
> > Chris
> > 
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > 
> > 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale



More information about the Ale mailing list