[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IP numbers
- To: Ishai Parasol <ishai-iglu(at-nospam)parasol.org.il>
- Subject: Re: IP numbers
- From: Ilya Konstantinov <linux-il(at-nospam)future.galanet.net>
- Date: Wed, 28 Mar 2001 11:18:00 +0200
- Cc: Linux - IL Maling List <linux-il(at-nospam)linux.org.il>
- Delivered-To: linux.org.il-linux-il@linux.org.il
- In-Reply-To: <000b01c0b74e$d7fa2180$0100007f@localdomain.localdomain>; from ishai-iglu@parasol.org.il on Wed, Mar 28, 2001 at 09:16:42AM +0300
- References: <000b01c0b74e$d7fa2180$0100007f@localdomain.localdomain>
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
- User-Agent: Mutt/1.2.4i
On Wed, Mar 28, 2001 at 09:16:42AM +0300, Ishai Parasol wrote:
> A theoretical question: I have a little network with one box as a gateway
> and another one connected to him directly (two network cards). The gateway
> runs an apache+postifx server. Now, let's say that the gateway's IP is
> 192.168.1.1 and its "external" IP from my isp is 192.xxx.xxx.xxx and the
> other box IP is 192.168.1.2, Can I run my servers on the other box (not the
> gateway) ? And if I can, what will be its IP ?
Yes, but you'll need some MASQ magic.
Your "other box" servers will think the connection is between
192.168.1.2 and some REAL-WORLD-IP, while the real world
clients will think the connection is between REAL-WORLD-IP and
YOUR-ISP-GIVEN-IP.
For example, if you wish to make the POP3 server on 192.168.1.2
world-accessible, you'll tell your NAT gateway to redirect requests
on port 110 (POP3) to the "other box".
On kernel 2.4 (iptables), that'll be:
iptables -t nat -A PREROUTING -j DNAT -p tcp --to-destination 192.168.1.2:110
Of course, then you couldn't run a world-accessible POP3 server on
192.168.1.1.
--
Best regards,
Ilya Konstantinov
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il