I have a server running on e.g. servera.example.com and one on serverb.example.com. I want to redirect all port 80 traffic to servera.example.com to serverb.example.com, and leave all other ports as-is. The difficulty is that serverb.example.com has a dynamic IP, so the IP cannot be put directly into the iptables rule. Is there any way to do this?
Asked
Active
Viewed 1,015 times
3 Answers
2
You can't do this with iptables/netfilter directly as the DNS is only consulted when the rules are loaded. If serverb.example.com points to 192.0.2.1 when the rules are loaded and it changes to 192.0.2.2 then netfilter won't know and packets will be sent to he wrong address.
Perhaps a reverse proxy will help you.
0
You can use a simple script to find out the current IP of serverb.example.com Simply run:
[root@user ~]# dig +short serverb.example.com | sed -e '1d'
Which will return the current IP address of server b. But note, this will only work if DNS records is updated with the new IP.
How to use this script is up to you, as an example:
#!/bin/bash
SERVB=`dig +short serverb.example.com | sed -e '1d'`
iptables (your rule goes here) -d $SERVB
falken
- 69
- 6
0
First ensure that the DNS record will auto update for server.example.com.
Second - If server autoupdates his DNS record use the script from @fallen but insert a command for refreshing the iptables tables.
Third - setting up a Cron job or systems unit for executing the script periodically.
g4s3
- 11
- 4