[Shorewall-users] Ip aliasing
ama.kalu at cwlgroup.net
Thu Dec 4 20:22:17 PST 2003
I saw a hint on the website about round robin of services and aliased interfaces but it is not clear whether that hint covers my question.
I need to distribute client requests for a particular service on one interface say eth0 to a number of servers on the other side of the firewall in a round robin fashion. I'd appreciate more light.
> On Thu, 2003-12-04 at 10:26, Marcelo Mujica wrote:
> > Alex, thanks for your response.
> > I`m talking about use proxy arp with publics address in the DMZ but I got some resistence..., because I said, before, that with prot forwarding are the better option and now I have to change the config.
> > In other order, maybe I like to know how do port forwarding in the correct way(not with the errors that you detect). To learn I apreciate if you want correct me.
> > In other way I go to try proxy arp in another test server.
> To forward just one port, you will have to create the alias manually
> then just use a DNAT rule.
> DNAT net dmz:<internal ip> <proto> <port> - <alias addr>
> But of course that is described on the page that you already referred
> Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
> Shoreline, \ http://shorewall.net
> Washington USA \ teastep at shorewall.net
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
More information about the Shorewall-users