Re: Public IP to Private IP

On 01/27/2014 08:22 PM, Scott Mayo wrote:
> I am having some troubles getting my public IPs routed to my private IPs.
>
> Here is an example.
> Private IP of the main server with my IPTables:  192.168.0.1
> Public IP of the main server:  1.1.1.1
> I also have 1.1.1.2 and 1.1.1.3 as public IPs attached to the public nic.
> Domain name example.org is pointed to 1.1.1.2
>
> I am trying to get the following public IPs to Private IPs:
> 1.1.1.2 -> 192.168.0.2
> 1.1.1.3 -> 192.168.0.3
>
> If I am outside my network and go to example.org, it seems to work fine.
> If I am inside my network and go to 192.168.0.2 then it works fine.
> If I go to example.org from inside my network then it goes back to
> 192.168.0.1 instead of 192.168.0.2
>
> Maybe this does not have to do with IPTables even since it works with
> an IP, but I thought I would ask here.  I do not have an internal DNS
> server.
>
> Here are the rules that I have:
>
> IPTABLES -t nat -A PREROUTING -d 1.1.1.2 -p tcp -j DNAT --to-destination 192.168.0.2
> IPTABLES -t nat -A POSTROUTING -d 192.168.0.2 -j SNAT --to-destination 1.1.1.2
>
> Any suggestions would be appreciated.
> Thanks.

As already explained, NAT-ing packets from your LAN back into your LAN via the public IP (and receiving the answer packets) is a pain.

If you don't have split-DNS and don't want to install DNS, you might want to look into a reverse proxy (I have good experiences with Nginx).


--
Rob
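
The LAN-to-LAN NAT case discussed above, as an added example that is not part of this thread or written by its participants: a dry-run script that prints the DNAT rule and the extra hairpin SNAT rule for each mapping in the post. The LAN subnet 192.168.0.0/24 and the function names are assumptions.

```shell
#!/bin/sh
# Added example: prints iptables rules, it does not apply them.
LAN_CIDR="192.168.0.0/24"    # assumed LAN subnet (not stated in the post)
ROUTER_LAN_IP="192.168.0.1"  # private IP of the iptables box, from the post

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF == 4 {
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i > 255) exit 1
            exit 0
        }
        { exit 1 }'
}

# Print the rules for one public -> private mapping.
emit_rules() {
    public=$1
    private=$2
    is_ipv4 "$public" && is_ipv4 "$private" || {
        echo "invalid mapping: $public -> $private" >&2
        return 1
    }
    # Inbound: traffic addressed to the public IP is sent to the private host.
    echo "iptables -t nat -A PREROUTING -d $public -p tcp -j DNAT --to-destination $private"
    # Hairpin: a LAN client that was DNATed must appear to come from the
    # router. Otherwise the server answers the client directly, and the
    # client drops the reply because its source is not the public IP.
    echo "iptables -t nat -A POSTROUTING -s $LAN_CIDR -d $private -p tcp -j SNAT --to-source $ROUTER_LAN_IP"
}

# The two mappings from the original post.
emit_all() {
    emit_rules 1.1.1.2 192.168.0.2 &&
    emit_rules 1.1.1.3 192.168.0.3
}

emit_all
```

With the hairpin rule in place, the internal servers log 192.168.0.1 as the client address for every LAN visitor, which is one reason split-DNS or a reverse proxy is often preferred. The FORWARD chain must also permit LAN-to-LAN traffic for these flows.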
