network brain bender

Jordan Curzon curzonj at gmail.com
Thu Nov 6 20:21:17 MST 2008


One option is to setup two VM's on the machine, one on each network
and both on a private network local to the box. Then you use NAT on
each VM, as if you had two natting routers accessing a public server.

Another option which would be a lot more tricky is to do the same NAT
masq but base the rules on the interfaces. The goal with the second
option is to translate the addresses before the packets hit the
routing table. On the return route they would return to the interface
going past the routing table before having the destination IP
translated back to the real address.

I've done the first option, the second one sounds pretty reasonable though.

On Thu, Nov 6, 2008 at 7:22 PM, Stuart Jansen <sjansen at buscaluz.org> wrote:
> I would like to setup a server with two NICs plugged into two seperate
> networks that use the same addresses. The server should be able to
> respond to ICMP, DNS, NFS, HTTP & FTP. At first this would seem
> ridiculous and impossible, but a little experimenting suggests it
> _might_ be possible.
>
> If possible, the result will be a more convenient development/testing
> environment with lower RAM requirements.
>
> Using virtual machine, I've setup something like the following:
>
> +-------------+
> | 192.168.0.1 |
> |             |      |---192.168.0.2
> |        eth0 |------|
> |             |      |---192.168.0.3
> |             |
> |             |      |---192.168.0.2
> |        eth1 |------|
> |             |      |---192.168.0.3
> +-------------+
>
> Giving eth0 and eth1 the same IPs is preferred. Giving them separate IPs
> might still be acceptable.
>
> At first, one network would work and the other would be SOL. Basically,
> whoever was first to populate the ARP cache would win. Playing with the
> route tables, I've been able to get layer 2 more or less working but now
> I'm having problems with layer 3. I'm thinking I may need to rely on the
> netfilter conntrack module, but I don't want to go into to much detail
> because what I've got isn't quite working and I don't want to stifle
> anyone's creativity.
>
> Anyone up for a challenge? I'll give you major geek points.
>
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>



More information about the PLUG mailing list