Linux Today: Linux News On Internet Time.

Networking is a little more than IPs and netmasks

Mar 29, 2010, 12:34
(Other stories by Edmundo Carmona)


[ Thanks to Edmundo for this link. ]

"Very recently I was asking this question (which is still open) at www.linuxquestions.org (the first place I hit when I have a question regarding Linux or GNU, by the way) and took a brief look at the questions open on the networking forum and I hit this beauty.

"It's a guy who has set up DNAT on netfilter to forward packets that are sent to one host to another server that does the real work. Think of it as a proxy. In his example, he wanted to forward packets that arrive at his host on port 3306 to port 3197 on another host (let's use IP a.a.a.a). So, he set up a simple rule on (nat) PREROUTING:

$ iptables -t nat -A PREROUTING -p tcp --dport 3306 -j DNAT --to a.a.a.a:3197

"What this rule is doing is telling the kernel to change the destination IP address of any packet that arrives at his host through any network interface to IP address a.a.a.a (reachable from his server, maybe not from the host that originated said packages) and the destination port to 3197."
