
I am looking for some iptables rules which can help me to route some traffic from a server:

Client 1 ----|
Client 2 ----|                                 |----------|
Client N ----| ssh,                            | Server B |
             | http,                           |   (NAT)  |
             | ...                             |----------|
             |                                    |
             |            |----------|            |
             -------------| Server A |------------|
                          |----------|       (all traffic initiated
                                              by A should be redirected
                                              to B)

  • Any client should be able to access some services located on Server A like ssh, http, etc. (no special work is needed here).

  • To answer some requests initiated by a client (like an HTTP request), Server A should fetch some information outside but it should have the IP of Server B, which is a NAT (in reality we have a lot of Server A).

My question is: how do I set iptables on Server A to route all outbound traffic initiated by Server A through Server B?

  • Have you tried pointing the default route on `Server A` to the IP address of `Server B`? – kasperd Mar 27 '15 at 08:09
  • I have tried `iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination x.x.x.x` but `wget -qO- ifconfig.me/ip` always returns the IP of Server A and not x.x.x.x – vhiairrassary Mar 27 '15 at 08:23

1 Answer


You don't use iptables.

Change the default route on Server A to point to Server B. This is usually called the gateway in the network configuration. Whenever Server A wants to send packets to anything that isn't on a local subnet it's attached to, it will send the packets to the gateway.

  • Changing the gateway for a particular IP works well but doing the same for 0.0.0.0/0 with `sudo ip route change 0.0.0.0/0 via x.x.x.x` does not work :/ – vhiairrassary Mar 28 '15 at 15:53
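
The routing decision the answer describes, modeled as an added example (not code from the question or the answer): Server A's table is reduced to one connected subnet plus a default route, and the next hop is picked by longest-prefix match. All addresses, `LOCAL_NET`, `OLD_GATEWAY` and `SERVER_B` are constructed assumptions, including that A and B share a subnet.

```python
import ipaddress

# Constructed addresses (private and documentation ranges), not values from the page.
LOCAL_NET = "10.0.0.0/24"    # subnet Server A and Server B share (assumed)
OLD_GATEWAY = "10.0.0.1"     # Server A's original gateway (assumed)
SERVER_B = "10.0.0.254"      # Server B, the NAT box (assumed)


def build_table(default_gw):
    """Server A's routing table as (network, next_hop) pairs.

    A next_hop of None means the destination is on-link and reached directly.
    """
    gw = ipaddress.ip_address(default_gw)
    local = ipaddress.ip_network(LOCAL_NET)
    # By default Linux refuses a gateway it cannot reach over a connected route.
    if gw not in local:
        raise ValueError(f"gateway {gw} is not on a connected subnet")
    return [(local, None), (ipaddress.ip_network("0.0.0.0/0"), gw)]


def next_hop(table, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in table if dst in net]
    net, hop = max(matches, key=lambda m: m[0].prefixlen)
    return "direct" if hop is None else str(hop)


def compare(dst):
    """Next hop for dst before and after repointing the default route to B."""
    before = next_hop(build_table(OLD_GATEWAY), dst)
    after = next_hop(build_table(SERVER_B), dst)
    return before, after


if __name__ == "__main__":
    samples = {
        "client on A's subnet": "10.0.0.50",
        "outside host A fetches from": "198.51.100.7",
        "client behind another router": "203.0.113.20",
    }
    for label, dst in samples.items():
        print(f"{label:30} {dst:15} before/after = {compare(dst)}")
```

The third sample shows that replies to a client outside A's subnet also leave via Server B, because the route is chosen by destination address and not by which side opened the connection.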