We are trying to forward a virtual external IP to an Apache server on the internal network. Who could help us solve this problem?

We have 4 servers. 1 is acting as a gateway to the internet. Behind this gateway we have 3 Apache servers. On the gateway we have the internal IP 10.10.100.1 and we have 4 outside IPs: 213.125.147.80 is the real IP, the other 3 IPs are virtual IPs. Now we want to forward the virtual IPs to the Apache machines, but we can't get this working.

213.125.147.81 port 80 needs to be forwarded to 10.10.100.2 port 80
213.125.147.82 port 80 needs to be forwarded to 10.10.100.3 port 80
213.125.147.83 port 80 needs to be forwarded to 10.10.100.4 port 80
You should be able to do this with IPTables: something similar to

Or you just use firehol (http://firehol.sf.net), which is an abstraction over ip_tables that is easy to configure, with a fallback in case you mess things up, so you will still be able to reach your server, e.g. via ssh.
Thank you for your quick response. I am new to the iptables thing. I am trying your solution but I still can't get it working.

Config: Eth1 is the outside NIC, Eth0 is the inside NIC.

    Eth1   = 213.125.147.81
    Eth1:0 = 213.125.147.82
    Eth1:1 = 213.125.147.83
    Eth1:2 = 213.125.147.84
    Eth0   = 10.10.100.1

I have the solution you gave me implemented in this way:

    modprobe ip_tables
    modprobe ip_conntrack
    modprobe iptable_nat
    modprobe ipt_MASQUERADE
    echo 1 > /proc/sys/net/ipv4/ip_forward 2> /dev/null
    iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
    iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j DNAT --to-destination 10.10.100.2:80
    iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j DNAT --to-destination 10.10.100.3:80
    iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j DNAT --to-destination 10.10.100.4:80

I hope this is correct?
When I try to do that I get the following warning:

    Warning: weird character in interface `eth1:1' (No aliases, :, ! or *).

This is the line I execute:

    iptables -t nat -A PREROUTING -p tcp -i eth1:1 --dport 80 -j DNAT --to-destination 10.10.100.2:80
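
The warning above comes from `-i`, which takes a physical interface name and not an alias; a rule can instead select the backend by destination address with `-d`. The following is an added example, not code from any poster in this thread: it generates one DNAT rule per virtual IP using the address pairs from the first post and the NIC names from the reply, and the `emit` and `gen_rules` helpers, the `APPLY` switch and the FORWARD rules are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: prints the rules.
# Set APPLY=1 (as root) to execute them instead.
APPLY=${APPLY:-0}
EXT_IF=eth1   # outside NIC from the thread: physical name, never eth1:1
INT_IF=eth0   # inside NIC from the thread

# Constructed mapping "<virtual IP> <Apache host>", taken from the first post.
MAPPING='213.125.147.81 10.10.100.2
213.125.147.82 10.10.100.3
213.125.147.83 10.10.100.4'

# Hypothetical helper: print the command, or run it when APPLY=1.
emit() {
    if [ "$APPLY" = 1 ]; then "$@"; else echo "$*"; fi
}

# Hypothetical helper: emit the rule set for a mapping list.
gen_rules() {
    # iptables rejects alias names for -i, so refuse them up front.
    case "$EXT_IF" in
        *:*) echo "'$EXT_IF' is an alias; use the physical NIC" >&2; return 1 ;;
    esac
    # Replies to forwarded connections (matters when the FORWARD policy is DROP).
    emit iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    while read -r pub priv; do
        [ -n "$pub" ] && [ -n "$priv" ] || continue
        # Select the backend by destination address (-d), so each virtual
        # IP gets its own rule instead of three identical matches.
        emit iptables -t nat -A PREROUTING -i "$EXT_IF" -d "$pub" \
            -p tcp --dport 80 -j DNAT --to-destination "$priv:80"
        # Allow only the translated web traffic through to that host.
        emit iptables -A FORWARD -i "$EXT_IF" -o "$INT_IF" -d "$priv" \
            -p tcp --dport 80 -j ACCEPT
    done <<EOF
$1
EOF
}

gen_rules "$MAPPING"
```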