[lug] Networking question: multiple IPs and NAT?

Chris chris-blug at syntacticsugar.org
Sun Apr 10 13:20:41 MDT 2005


Hi, everyone.

Quick question.  I'm trying to help someone who came to hacking
society last week solve a little networking problem.

He's got 5 IPs from his ISP, all going to a DSL modem.  There are
several computers inside his network, each responsible for serving up
web pages.  I've suggested doing virtual hosting on Apache, and
pointed to some good resources on that, so that solves part of the
problem.  He won't need one machine per website hosted, yay!

The bigger problem is that he'd like his external IPs to be mapped on
to machines inside his network anyway -- so that if there are enough
services, they don't all have to be handled by the same machine.  That
is, the external IP someone connects to would determine which machine
on his internal network receives the connection.  How's this done?
It looks like we want to do something like this:

http://www.shorewall.net/NAT.htm 

My experience with NAT is limited to the case where there's only one
external IP address, and that's really 'masquerading', as I understand
it.

Can this be done by a typical DSL modem?  If not, what are good
recommendations for devices that *can* do this kind of NAT?  With some
googling, I've seen references to proxy arp in this context, but I
just don't understand this as well as I'd like to.

One thought I had was to put a small Linux box behind the DSL modem,
and have external addresses assigned to eth0:0 - eth0:4, and then have
iptables rules forwarding packets on eth0:x to 192.168.0.y addresses.
Would that work?

I'd especially like book recommendations or good documentation on the
subject, but specific suggestions would be greatly appreciated...

--
    Chris Riddoch
epistemological humility
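
The Linux-box idea in the last paragraph of the post, written out as an added example that is not part of the original message: it prints (does not apply) the address, DNAT/SNAT and filter commands for a one-to-one mapping. The function names, the 203.0.113.x sample addresses, the port list, and a modem in bridge mode (so the Linux box holds the public IPs) are assumptions.

```shell
#!/bin/sh
# Added example: generates 1:1 NAT commands for review; nothing is applied.
# Assumptions: the DSL modem bridges, so this box owns the public addresses;
# 203.0.113.0/24 (a documentation range) stands in for the ISP's five IPs.
WAN_IF="eth0"                 # assumption: interface facing the DSL modem
ALLOWED_TCP_PORTS="80,443"    # assumption: only web traffic is let through

OCTET='(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])'

# Accept only dotted-quad IPv4 so a typo never ends up inside a rule.
valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq "^($OCTET\.){3}$OCTET\$"
}

# Usage: nat_rules EXT=INT [EXT=INT ...]
# Prints the commands on stdout; returns 1 on a malformed mapping.
nat_rules() {
    for pair in "$@"; do
        ext=${pair%%=*}
        int=${pair#*=}
        if ! valid_ipv4 "$ext" || ! valid_ipv4 "$int" || [ "$ext" = "$int" ]; then
            echo "bad mapping: $pair" >&2
            return 1
        fi
        # Extra public address on the WAN interface (what eth0:N aliases did).
        echo "ip addr add $ext/32 dev $WAN_IF"
        # Inbound: the public address connected to selects the internal host.
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -d $ext -j DNAT --to-destination $int"
        # Outbound: that host's traffic leaves with its own public address.
        echo "iptables -t nat -A POSTROUTING -o $WAN_IF -s $int -j SNAT --to-source $ext"
        # FORWARD sees the post-DNAT address; expose only the listed ports.
        echo "iptables -A FORWARD -i $WAN_IF -d $int -p tcp -m multiport --dports $ALLOWED_TCP_PORTS -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Replies to existing connections pass; other inbound traffic is dropped.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $WAN_IF -j DROP"
    echo "sysctl -w net.ipv4.ip_forward=1"
}

# Constructed sample: two public IPs mapped to two internal web servers.
nat_rules 203.0.113.10=192.168.0.10 203.0.113.11=192.168.0.11
```

Without the FORWARD rules, a one-to-one mapping exposes every listening port on the internal machine to the Internet, which masquerading behind a single address does not.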


