I am up to a task that already gave me enough headache, so for this aspect of my problem I'll ask for your help.
I have an Ubuntu router with two network interfaces: eth1 goes to the internet, and behind eth0 I have some NAT-ed clients.
10.1.1.1 is the IP address of eth0
10.1.1.2 is another linux machine
In certain cases, I do a port forward for internal clients towards 10.1.1.2:
iptables -A PREROUTING -t nat -p tcp --dport 80 -s 10.1.1.5 -j DNAT --to-destination 10.1.1.2:80
Once the client (10.1.1.5 in this example) hits the web page at 10.1.1.2, there is a PHP script there that deletes the iptables rule from the main router, so basically that page on 10.1.1.2 only gets hit once by 10.1.1.5's browser.
All works well with one exception: if the client (10.1.1.5) is already browsing a domain, let's say his browser already displayed the main page of http://www.ubuntu.com, and I THEN apply the port forwarding rule, well, then there are two cases:
1. If he decides to try some other domain, then the port forward will get him correctly to 10.1.1.2:80
2. But if he clicks on something on that particular page that is already displayed, let's say he goes to www.ubuntu.com/download, then he gets a 404 instead of being redirected to 10.1.1.2:80
I suspect this has something to do with cached routes and once the domain is resolved, the browser just tries to access the page at www.ubuntu.com/download without requesting a new route from his gateway (10.1.1.1).
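Added model (not code from the post) of how the nat PREROUTING DNAT rule above interacts with connection tracking: the nat table is consulted only for the first packet of a connection, a connection established before the rule was added keeps its original destination, and DNAT rewrites only the IP destination, so 10.1.1.2 receives the client's original Host header and path untouched. The public address 203.0.113.10 and the port numbers are constructed placeholders.

```python
# Model of netfilter DNAT + conntrack behaviour for the rule in the question:
#   iptables -A PREROUTING -t nat -p tcp --dport 80 -s 10.1.1.5 -j DNAT --to-destination 10.1.1.2:80
# This is an illustration written for this post, not the router's own code.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Flow:
    """One TCP connection as the router sees its original (pre-NAT) tuple."""
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class Router:
    # DNAT rules keyed by (source ip, destination port) -> (new dst ip, new dst port)
    dnat_rules: dict = field(default_factory=dict)
    # conntrack table: original flow -> destination actually used, fixed on first packet
    conntrack: dict = field(default_factory=dict)

    def add_dnat(self, src, dport, new_dst, new_dport):
        self.dnat_rules[(src, dport)] = (new_dst, new_dport)

    def prerouting(self, flow):
        """Return the (ip, port) a packet of this flow is really delivered to."""
        if flow in self.conntrack:
            # Established connection: the nat table is not consulted again,
            # so a rule added after the connection started has no effect on it.
            return self.conntrack[flow]
        # First packet of a new connection: nat PREROUTING decides, and the
        # result is cached in conntrack for the rest of the connection.
        target = self.dnat_rules.get((flow.src, flow.dport), (flow.dst, flow.dport))
        self.conntrack[flow] = target
        return target


def request_seen_by_server(router, flow, host, path):
    """What the receiving web server sees: DNAT changes the IP destination only;
    the HTTP Host header and request path arrive exactly as the browser sent them."""
    dst_ip, dst_port = router.prerouting(flow)
    return {"server": f"{dst_ip}:{dst_port}", "host_header": host, "path": path}
```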