No subject


Tue Nov 9 01:00:01 PST 2010


	#!/bin/sh
	insmod /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ipt_MASQUERADE.o

	# Turn on anti-spoofing for all interfaces
	for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $f; done

	# Set IP forwarding on
	echo 1 > /proc/sys/net/ipv4/ip_forward

then any incoming requests like ssl, telnet, SMTP etc., just do:-

	# Rules for external interface to rediect
	iptables -A PREROUTING -t nat -s 212.53.64.39/32 -p tcp --dport 25 -j
DNAT --to 10.0.0.2:25
	iptables -A PREROUTING -t nat -s 212.53.64.39/32 -p udp --dport 25 -j
DNAT --to 10.0.0.2:25

Any aliases to bonded interface names need to be correctly defined when
using iptables, remember not to reference the unbonded interface, i.e. eth0,
eth1 etc., always reference them as bond0 or whatever you have called it.

I hope that helps,

Kind regards,
	Mark.

-----Original Message-----
From: beowulf-admin at beowulf.org [mailto:beowulf-admin at beowulf.org]On
Behalf Of Mike Davis
Sent: 04 February 2003 15:17
To: Angelos Molfetas
Cc: beowulf at beowulf.org
Subject: Re: Gateway problems in beowulf cluster


It should work if you have ipforwarding setup. There shouldn't be a
difficulty since the channel bonded interfaces have to route through a
single interface to the larger network.  Why do you want to reach the
outside from the beowulf? Do you want a one way, or two way connection?

For security purposes, I never forward ip from the beowulf to the
outside and tightly limit outside traffic to the gateway node.

Mike


Angelos Molfetas wrote:

>Hello Everyone,
>
>I was wondering if anyone has had any problems with
>getting Channel bonding working with iptables?
>
>I am currently trying to configure a linux box which
>acts as a gateway between our Beowulf cluster (channel
>bonded) and the university network (single fast
>ethernet). I trying to join (using SNAT/DNAT) the
>gateway's public IP address with the master private IP
>address. This way users can just ssh to the gateway
>and it will automatically connect them to master node.
>
>
>I don't think the problem is with my iptables scripts
>as they run properly when the beowulf cluster is
>running in single NIC mode. As soon, as we switch
>channel bonding on, it refuses to work.
>
>I suspect that the linux kernel has problems routing
>packets between a channel bonded interfaces (bond0
>[eth1 + eth2] for example) and a single NIC interfaces
>(eth0 for example).
>
>I was wondering if anyone else has had a similar
>problem in their beowulf building experience.
>
>Thanks,
>
>Angelos
>
>http://movies.yahoo.com.au - Yahoo! Movies
>- What's on at your local cinema?
>_______________________________________________
>Beowulf mailing list, Beowulf at beowulf.org
>To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf
>
>
>


--
Mike Davis                             Web and Research Computing Services
Unix Systems Manager            Virginia Commonwealth University
jmdavis at mail2.vcu.edu           804-828-3885 (fax: 804-828-9807)


_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf


This email has been scanned for viruses by NetBenefit using Sophos
anti-virus technology





This email has been scanned for viruses by NetBenefit using Sophos anti-virus technology





More information about the Beowulf mailing list