From: Fabio De Paolis <fabiodepaolis@naxe.it>
To: Grant Taylor <gtaylor@riverviewtech.net>
Cc: netfilter@vger.kernel.org
Subject: Re: NAT Port Forward problem in a not so simple network
Date: Tue, 15 Apr 2008 18:22:27 +0200 [thread overview]
Message-ID: <4804D643.2090101@naxe.it> (raw)
In-Reply-To: <4804C25C.7020608@riverviewtech.net>
Grant Taylor ha scritto:
> On 04/15/08 04:48, Fabio De Paolis wrote:
>> I have a service that runs on a server that has no public IP, another
>> server with the public IP should forward the port to it.
>
> Let's break this down in to the simple network flow before trying to
> make things work (namely to make sure I understand what you are
> wanting to do).
>
> Let's do a re-draw with some clarifications.
>
> Note: References to "External" (e) interfaces will be facing up and
> "Internal" (i) interfaces will be facing down.
>
> I'm presuming (for the sake of discussion) that you presently you have
> globally routable services that appear to be on one or more Ae
> addresses that are port forwarded to Ce (and possibly others).
>
> Now it sounds like you are wanting to port forward (one or more of)
> said service(s) from Ce to De with out changing any thing on A. So
> the traffic flow would be from client Z to Ae to Ce to De and back in
> the same direction.
>
> I'm also guessing that you would like all systems to have the
> capability (whether or not you use it or firewall it is up to you) to
> connect to Ce and have the connection be port forwarded to De. Correct?
>
> Before I go in to how to do this, please let me know if I'm on track
> or not.
>
>
Absoluttely CORRECT, your description is very very good.
Another goal should be to minimize traffic on C for service running on D.
next prev parent reply other threads:[~2008-04-15 16:22 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-15 9:48 NAT Port Forward problem in a not so simple network Fabio De Paolis
2008-04-15 12:15 ` whiplash
2008-04-15 15:01 ` Grant Taylor
2008-04-17 14:49 ` Pascal Hambourg
2008-04-17 14:56 ` Grant Taylor
2008-04-15 14:57 ` Grant Taylor
2008-04-15 16:22 ` Fabio De Paolis [this message]
2008-04-15 16:45 ` Grant Taylor
2008-04-16 13:54 ` Fabio De Paolis
2008-04-16 14:34 ` Grant Taylor
2008-04-18 13:43 ` Fabio De Paolis
2008-04-18 14:46 ` Grant Taylor
-- strict thread matches above, loose matches on Subject: below --
2009-01-27 19:10 Fabio De Paolis
2009-01-27 20:34 ` Marek Kierdelewicz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4804D643.2090101@naxe.it \
--to=fabiodepaolis@naxe.it \
--cc=gtaylor@riverviewtech.net \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.