Martin Marcher wrote: > i have a setup where i have a borderline box that has 5 public IP > Addresses (this is for the sake of example: 192.0.2.8/29), all is > NATed to 10.200.10.0/24. Now the IP the provider uses as gateway is > 192.0.2.9 which makes me have 192.0.2.10-14 as a usable range.
Uhm... Five public IPs is normal for an 8 IP subnet. But I don't understand your statement about NAT'ing them all to 10.200.10.0/24, especially since the ranges do not add up. I am guessing you are sanitizing addresses (okay) and not quite getting things lined up right. > The default gateway on my borderline box is 192.10.2.10.10 which makes Hmm... Check that address again. It can't be a 40 bit address. :-) > all traffic from my network look like it came from this address which > was fine until now. Do you mean that you have NAT configured so that all clients appears to come from your gateway? > Say I want 10.200.10.50 to look like it came from 192.0.2.11 how do I do > that? Let me recommend using Shorewall for this. There are a lot of packages that facilitate driving the Linux netfilter. I like the Shorewall one best. YMMV. http://www.shorewall.net/NAT.htm I believe that page documents the configuration that you are wanting to create. If nothing else it should be an additional reference. > I found http://www.wlug.org.nz/SourceBasedRouting which seems to do > what I want the approach also seems easily extensible since I could > easily add more addresses to a certain routing table, or maybe even > add more routing tables so that I could use the full range as outgoing > IP addresses depending on the source IP address. > > Am I on the right track? Seemingly so far you seem to be on track to me. Excepting the noted confusion about addresses. > FYI: The purpose is that I want to have an outbound mail server and a > seperate inbound one. And I want to have them use 2 different IP > Addresses - if you know a simpler approach to this (the constraint is > to keep a single borderline box) I'm very much open to suggestions Seems reasonable. Bob -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
