[ale] iptables redirect

Matt Rideout mrideout at windserve.com
Thu Aug 6 14:58:26 EDT 2009 

What about running VRRP/CARP/HSRP on the routers? If I understand your 
situation correctly, that sounds like the cleanest solution.

Chris Fowler wrote, On 08/06/2009 02:20 PM:
> This issue I ran into is that they have 2 links into my 2900 switch.  I
> tried to use aliasing but I need a system where the same machine has two
> default gateways.  I have about 7 machines to convert over.
>
> I think what I'll try is iproute and setup a system with two nics and
> each nic with its own gateway.  I'm testing that idea now by install
> CentOS 5.3 on my vmserver host.  I've added two network interfaces from
> the same bridged interface from the host.  If this works then for my
> guests I can just shut them down, add another interface and make this
> work.  For the real servers I'll have to try something like the iptables
> trick.
>
>
> On Thu, 2009-08-06 at 12:07 -0600, JK wrote:
>   
>> Chris Fowler wrote:
>>     
>>> Is is possible to use iptables to redirect from one server to another.
>>>       
>> Sure.
>>
>> iptables -t nat -I PREROUTING -i $ETH_INGRESS -d $ORIG_DEST_IP -j DNAT --to-dest $NEW_DEST_IP
>>
>> As long as the machine handling the packet knows how to route traffic
>> to NEW_DEST_IP, you should be OK.  You'll probably also need to SNAT
>> that traffic, though, unless the NEW_DEST_IP machine's route back to
>> the original source passes through the machine you're installing the
>> iptables rule on:
>>
>> iptables -t nat -I POSTROUTING -o $ETH_EGRESS -d $NEW_DEST_IP -j SNAT --to-dest $MY_IP
>>
>> -- JK
>>
>>
>>
>>     
>>> Here is the issue.
>>>
>>> We have a new address range.  I now have two sets of public addresses.
>>> I need to release the old set.  I have many devices programmed to go to
>>> the old IP.  Can I create an iptables rule on 65.254.217.212 to redirect
>>> to 74.113.143.4 ?  Any request to the old server will be sent to the new
>>> server.  After I reprogram the devices then I'll relinquish the old
>>> address.
>>>
>>> Chris
>>>
>>>
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>>
>>>
>>>       
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>>     
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>

More information about the Ale mailing list