Solved

Multiple Publc IPs

Posted on 2009-04-09
8
182 Views
Last Modified: 2013-12-16
Hi,

My server is having two interfaces eth0 and eth0:1 having different public IPs.

I have two websites under different virtual hosts on different ports 80 and 8080

Both the websites are designed to download contents from different servers which are firewalled . We cannot just use any IP to fetch data because  we need to log the requests for each IP and we also do not want this to mix.

I want that when sites on port 80 fetches data, it gives the public IP A to the other server and site on port 8080 gives public IP B

In my mind iptables NAT is coming but I am not sure what to really use and also I am not clear what options to use.


0
Comment
Question by:mdswireless
  • 4
  • 3
8 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 24114470
> Both the websites are designed to download contents from different servers which are firewalled
You mean some php/cgi-like script is connecting to another webserver acting proxy-like?

If so, then there's nothing You can do - unless You are able to change this php/cgi script and force it to somehow mark it's connections.

Or maybe the cgi/php should act like proxy, setting the Via http header variable - then You could distinguish the traffic based on that variable?
0
 
LVL 14

Expert Comment

by:cjl7
ID: 24127191
DNAT/SNAT is what you are looking for,

http://linux-ip.net/html/nat-dnat.html


is a good place to start.

//jonas

0
 

Author Comment

by:mdswireless
ID: 24129381
Ok, but how to use DNAT based on network interface
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 43

Expert Comment

by:ravenpl
ID: 24129651
Why haven't You answered my questions? If You need this proxy-like app, then NAT no use here, the proxy looses the information about incoming interface(at least kernel cannot match the incoming and outgoing connections as one)
0
 

Author Comment

by:mdswireless
ID: 24129682
No , You cannot say that its kind of proxy, Its a cgi script which automatically fetches data from a remote server on execution.
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 24129815
Well, then unless the script is "co-operating", You cannot match those two connections to route the second one.
Can You develop the script? The script could bind it's outgoing socket to given IP, it could mark packets, it could connect to localhost proxy which would route the connection, etc.
0
 

Author Comment

by:mdswireless
ID: 24129855
But, its a same script running twice on different ports and do not have anything to with each other.

So there is no way to use different public IPS using different ports ?

The script is simple bash script, running as CGI, which function can I use to bind public IP like this
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
ID: 24129966
> But, its a same script running twice on different ports and do not have anything to with each other.
But it knows on which port it's running(cgi or env variables)

> The script is simple bash script, running as CGI, which function can I use to bind public IP like this
Hmm, I understand. The bash script has to use some next client to download the data from firewalled servers - what it is? Curl, wget?
Both can set various http headers, which can be used to distinguish the traffic on the server side.
Curl has this --local-port option, which can be usefull(but not bulletproof) for traffic routing.

Or maybe it's the script who should log the traffic-by-ip?
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Bash script - Exit out of choice loop 2 53
Upgrade BIOS / EUFI at Scale 4 69
LINUX Field Separators 7 55
Can't connect to FTP 17 93
Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question