From: "John A. Sullivan III" <jsullivan@opensourcedevel.com>
To: Will Twomey <termina@gmail.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: Multiple IP addresses
Date: Mon, 27 Mar 2006 06:51:10 -0500 [thread overview]
Message-ID: <1143460270.2753.5.camel@localhost> (raw)
In-Reply-To: <9a6de10603261753s33408f9cnb5ce6f9ae7b4f75d@mail.gmail.com>
On Sun, 2006-03-26 at 19:53 -0600, Will Twomey wrote:
> I apologize if this is the wrong list, but...
>
> I would like to have several (3?) ip addresses on one interface (eth0,
> eth0:1, etc.), and forward each of those IP addresses to another
> interface (192.168.0.1, 192.168.1.1, 192.168.2.1, etc.)
>
> Does anyone have an advice for me, or a good place to learn how to do this?
>
> If someone has an iptables/netfilter script that does this, I'd love
> to see it. :D
>
<snip>
I'm not entirely sure of what you mean by forwarding each to another
interface. Packets destined for the network associated with each
address will route there naturally. You will need to bind the
individual addresses to the cards using iproute2, e.g.,
ip add add 192.168.1.1/24 dev eth0 brd +
To find more information on this, look for a file in your distribution
ip-cref.ps
If you mean implementing access controls and/or NAT, you will also need
to invoke iptables FORWARD and nat rules.
ISCS (http://iscs.sourceforge.net) will do all of this automatically for
you including files and dynamic changes to bind the ip addresses, access
control and NAT even in the most complex environments (e.g.,
overlapping, nested, many-to-some, some-to-many NAT).
You can find some slide shows on both iproute2 and iptables in the
training section of the ISCS web page (although a bit dated) and there
is an excellent iptables tutorial at
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
Good luck - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@opensourcedevel.com
Financially sustainable open source development
http://www.opensourcedevel.com
next prev parent reply other threads:[~2006-03-27 11:51 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-03-27 1:53 Multiple IP addresses Will Twomey
2006-03-27 3:30 ` Mike Wright
2006-03-27 9:28 ` Martijn Lievaart
2006-03-27 11:51 ` John A. Sullivan III [this message]
2006-03-27 12:24 ` Eduardo Spremolla
-- strict thread matches above, loose matches on Subject: below --
2003-05-22 1:31 George Vieira
2003-05-22 1:25 Brei, Matt
2003-05-21 23:53 George Vieira
2003-05-21 23:01 Brei, Matt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1143460270.2753.5.camel@localhost \
--to=jsullivan@opensourcedevel.com \
--cc=netfilter@lists.netfilter.org \
--cc=termina@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox