Friday, 24 July 2015

redirecting tcp traffic

Sometimes I see a transit issue on the internet which I can't fix as I don't have a contract with the particular company in question. Whilst I am waiting for it to be resolved I sometimes route traffic round the issue by bouncing it off another server in another part of the world.

So, for instance, if there is a traffic issue between a server in the UK and a server in Singapore and I want to send TCP traffic to a particular port from one to the other, I can bounce the traffic off a server I have in Japan using iptables.

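# Placeholders: fill in real values, then run as root on the relay server.
SERVERIP="x.x.x.x"   # the relay (the server in Japan)
DESTIP="y.y.y.y"     # the real destination (the server in Singapore)
ORIGIP="z.z.z.z"     # the origin (the server in the UK)
PORT="nnn"           # the TCP port to redirect

# Note: this flushes every existing rule in the nat table.
iptables -F -t nat
# Let the kernel forward IPv4 packets between hosts.
echo 1 > /proc/sys/net/ipv4/ip_forward
# Rewrite the destination of matching packets from ORIGIP to DESTIP.
iptables -t nat -A PREROUTING -p tcp -s "$ORIGIP" -d "$SERVERIP" --dport "$PORT" -j DNAT --to-destination "$DESTIP"
# Rewrite the source of forwarded packets to the address of eth0.
iptables -A POSTROUTING -t nat -o eth0 -s "$ORIGIP" -d "$DESTIP" -j MASQUERADE
iptables -A POSTROUTING -t nat -o eth0 -s "$DESTIP" -d "$ORIGIP" -j MASQUERADE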

Simply run the commands above on the server in Japan setting SERVERIP to the address of the server in Japan, DESTIP to the address of the server in Singapore and ORIGIP to the address of the server in the UK.

Once that's done, send the traffic to SERVERIP rather than DESTIP and it will be redirected to DESTIP and appear to be from ORIGIP.

Bear in mind you won't be able to send traffic to SERVERIP on the port specified so it's probably not a good idea to redirect port 22!
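
An added example, not part of the original post: a small generator that prints the same three rules for either applying (-A) or removing (-D) them, so the relay can be torn down without flushing the whole nat table, and that refuses port 22 in line with the caveat above. The function names relay_rules and valid_ipv4 are hypothetical, and the addresses are constructed documentation values.

```shell
#!/bin/sh
# Added example. Prints the relay's three NAT rules for "apply" (-A) or
# "remove" (-D); it never runs iptables itself. Addresses are constructed
# RFC 5737 documentation values; eth0 is the default taken from the post.

valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs   # split into octets
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] 2>/dev/null || return 1; done
}

relay_rules() {
    # usage: relay_rules apply|remove ORIGIP SERVERIP DESTIP PORT [IFACE]
    action=$1 orig=$2 server=$3 dest=$4 port=$5 iface=${6:-eth0}
    case "$action" in
        apply)  op=-A ;;
        remove) op=-D ;;
        *) echo "action must be apply or remove" >&2; return 2 ;;
    esac
    for ip in "$orig" "$server" "$dest"; do
        valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 2; }
    done
    # Reject empty, non-numeric or over-long ports before comparing numbers.
    case "$port" in ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 2 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 2
    fi
    case "$iface" in ''|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 2 ;; esac
    # The post's caveat: the relay itself stops being reachable on PORT from
    # ORIGIP, so redirecting SSH can lock the admin out.
    if [ "$port" -eq 22 ]; then
        echo "refusing to redirect port 22" >&2; return 3
    fi
    echo "iptables -t nat $op PREROUTING -p tcp -s $orig -d $server --dport $port -j DNAT --to-destination $dest"
    echo "iptables -t nat $op POSTROUTING -o $iface -s $orig -d $dest -j MASQUERADE"
    echo "iptables -t nat $op POSTROUTING -o $iface -s $dest -d $orig -j MASQUERADE"
}

# Constructed sample: UK origin, Japan relay, Singapore destination.
relay_rules apply  192.0.2.10 198.51.100.20 203.0.113.30 8443
relay_rules remove 192.0.2.10 198.51.100.20 203.0.113.30 8443
```

Review the printed commands before running them as root on the relay; the "remove" output deletes exactly the rules that "apply" added and leaves any other nat rules in place.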

