Problem with Static route through peer to peer connection

Hi,

I am trying to add a static route on one of 3 servers (S3) so that I can access the main application server (S1). But the problem is, the server (S3) where I am trying to add the static route is connected to another server (S2), which is in the same private network as the application server (S1).

I have 3 servers. Suppose the servers' IPs are:

S1:
eth0: 10.10.8.26
255.255.255.0
10.10.8.1

S2:
eth0: 10.10.8.48
255.255.255.0
10.10.8.1

eth1: 192.168.100.1
255.255.255.252

S3:
eth0: 192.168.100.2
255.255.255.252

Here 192.196.100.2 is P2P connected with 192.168.100.1

But I want to access 10.10.8.26 from 192.168.100.2

Your expert advice is highly appreciated. Thanks in advance. Have a nice day.

Regards,

Imran

Well, you might need a static route at each end to keep the traffic off S2. Can you tell S2 not to forward?

So I have to add a static route on S1 & S3? How can I tell S2 not to forward? Actually, I am new to the unix environment. Would you please help me with the commands so that I can apply them in the terminal of S1 & S3?

FYI, from S3 I can only ping 192.168.100.1 not 10.10.8.48

Thanks for your reply & assistance.

Regards,

Imran

---------- Post updated at 06:05 PM ---------- Previous update was at 12:38 PM ----------

Can I use port forwarding to resolve this issue?

On S2, if I configure port forwarding like this: 192.168.100.1:1443 -> 10.10.8.26:443, will I be able to access the application from S3 through https to 192.168.100.1:1443?

I think you need a router to exchange packets between the 10... network and the 192... network. If S2 can act as a router from S3 to S1, fine. Make it the gateway for 10... on S3. If you have another router in your local area, use that.

There might be a remote chance, depending on your system's setup, that you could use an alias interface on S3 to interact with S1. On my Linux system, I do it like this:

# ifconfig eth0:1 192.168.20.1
# ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:1f:c6:4c:d0:e2  
          inet addr:10.1.1.1  Bcast:10.1.1.255  Mask:255.255.255.0
. . . 

eth0:1    Link encap:Ethernet  HWaddr 00:1f:c6:4c:d0:e2  
          inet addr:192.168.20.1  Bcast:192.168.20.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

I'd be very interested in your results!

Yes, I want to apply port/IP forwarding on S2 so that I can access S1 from S3. But I can't figure out how to do that. My problem is that I am very much a novice in the unix environment. Would you please help me with the commands that can be applied on S2 through the terminal?

Sorry, I can't answer your port forwarding questions sensibly. I'm not sure you need it at all if you set up routing correctly.
Still there were two other proposals in my post that you might want to give a shot.

I think routing between S2 & S3 will be an easier way than thinking about port forwarding or static routing. I will try & let you know the result.

Port forwarding is usually for firewall traversal. Two flavors are possible: the tcp connection may actually terminate on the intermediate host with the forwarder making a second connection and shuffling all the data (a.k.a. tcp_relay), or something similar to NAT can adjust the port, host and checksum on a packet by packet basis. It is not a solution that scales well, especially with the first flavor, which begs the question of what you are trying to achieve. Protocols that put port or host information into the data present problems. NAT has logic for FTP, one of the first such, and rewrites data where it seems appropriate, but maybe not for your app.

Any host with more than one IP device can become a router if packet forwarding is turned on. Incoming packets not for this host are routed out when they hit the middle of the IP stack. This is often not desirable, as the second NIC may be for fail-over or another somewhat incompatible sort of traffic, like backups.

You need two static routes because the flow of the packets in one direction is completely independent of the other direction. Sometimes packets in the other direction have a different path to increase throughput or protect one network from the higher traffic on the other, e.g., a web server might download on a second network so the first is free of the many large packets and high volume. For an 80/20 i/o volume split, it gives your network 25% more bandwidth before the busy side chokes. However, this can be a problem for dynamic NAT, as the second firewall does not know what IP the first has reassigned.
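
The forwarding and two-route points above, worked through on the thread's addresses as an added example (not code from any poster). It is a small routing-table model, and it assumes the LAN gateway 10.10.8.1 has no route to 192.168.100.0/30 and that a host answers for any of its own addresses regardless of the arrival interface.

```python
import ipaddress as ip

# Constructed model of the thread's three hosts. Each route is
# (destination network, next hop or None when directly connected).
# Assumption: the LAN gateway 10.10.8.1 knows nothing of 192.168.100.0/30.
def make_hosts():
    return {
        "S1": {"addrs": ["10.10.8.26"], "forward": False,
               "routes": [("10.10.8.0/24", None), ("0.0.0.0/0", "10.10.8.1")]},
        "S2": {"addrs": ["10.10.8.48", "192.168.100.1"], "forward": False,
               "routes": [("10.10.8.0/24", None), ("192.168.100.0/30", None),
                          ("0.0.0.0/0", "10.10.8.1")]},
        "S3": {"addrs": ["192.168.100.2"], "forward": False,
               "routes": [("192.168.100.0/30", None)]},
    }

def owner(hosts, addr):
    return next((n for n, h in hosts.items() if addr in h["addrs"]), None)

def next_hop(host, dst):
    """Longest-prefix match; returns the address to hand the packet to."""
    best = None
    for net, gw in host["routes"]:
        n = ip.ip_network(net)
        if ip.ip_address(dst) in n and (best is None or n.prefixlen > best[0]):
            best = (n.prefixlen, gw or dst)
    return best[1] if best else None

def deliver(hosts, src, dst):
    """Walk one direction only; return (ok, reason)."""
    origin = here = owner(hosts, src)
    for _ in range(8):  # hop limit
        if dst in hosts[here]["addrs"]:
            return True, "delivered to " + here
        if here != origin and not hosts[here]["forward"]:
            return False, here + " does not forward"
        hop = next_hop(hosts[here], dst)
        if hop is None:
            return False, here + " has no route to " + dst
        nxt = owner(hosts, hop)
        if nxt is None:
            return False, here + " sends to " + hop + " (outside the model)"
        here = nxt
    return False, "hop limit"

def round_trip(hosts, a, b):
    """Request and reply are routed independently; both must succeed."""
    fwd, back = deliver(hosts, a, b), deliver(hosts, b, a)
    return fwd[0] and back[0], fwd[1], back[1]
```

With the tables as posted, `deliver` reports that S3 has no route to 10.10.8.48, which matches the ping result earlier in the thread; `round_trip` between 192.168.100.2 and 10.10.8.26 only succeeds once S3 has a route to 10.10.8.0/24 via 192.168.100.1, S2 has `forward` set, and S1 has a route to 192.168.100.0/30 via 10.10.8.48. On Linux those three changes correspond to `ip route add 10.10.8.0/24 via 192.168.100.1` on S3, `sysctl -w net.ipv4.ip_forward=1` on S2 and `ip route add 192.168.100.0/30 via 10.10.8.48` on S1.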

I think using a router between S2 & S3 can resolve this issue easily. And I think a router already exists between S2 & S3, because the P2P connectivity is maintained by a vendor who provides a remote fiber connection. Let's see what happens. I will update you guys.

Thanks a lot everyone for your valuable comments.

Out of sheer interest on my part: could you try the interface alias on S3 and post the result?