TCLUG Archive

temporary host reroute?



I wonder if anyone can tell me whether the following is possible, and
if so, how?  My knowledge of routing & subnets isn't far enough along
to know for sure myself:

I have two separate LANs in two different physical locations.  Each
LAN is connected to the internet via a firewall that does IP
filtering/forwarding.  In both cases the firewall is a Linux box that
I control, and the internal network is a subnet.  There's a web server
inside subnet #1:

			 internet
		    ...            ...
		    /                \
		   /                  \
		  /                    \
	      ---------            ---------  
	      | fw #1 |		   | fw #2 |  
	      ---------		   ---------  
		  |		       |      
		  |		       |      
	        LAN #1   	     LAN #2
              (subnet #1)          (subnet #2)
               including
              web  server


Suppose the web server's IP address is '1.2.3.4'.  If the web server
goes down, I'd like to reprogram a machine inside LAN #2 to take on
IP address '1.2.3.4' and reprogram the firewalls to forward the
packets to the new location.

I know how to make a new machine take on an additional (or different)
IP address.  What I don't know is how to set up the routes in the firewalls,
or even if it's possible.  I don't have control of any of the routers
upstream from my firewalls, and normally they're configured to route
IP address '1.2.3.4' through fw #1.  So I'd like to set up fw #1 to
route packets it receives for 1.2.3.4 over to fw #2, which would then
send them on to the 'new' 1.2.3.4 in LAN #2.

I experimented with it unsuccessfully.  I did manage to get a machine
inside LAN #2 to take on the IP address 1.2.3.4 (of course I used a
real IP address when I did it; I'm just using 1.2.3.4 in this message
as an example) and I got the routes on fw #2 set up so that fw #2
could ping 1.2.3.4.  I then tried to set up a static host route on fw
#1 specifying fw #2 as the gateway for reaching 1.2.3.4, but this
didn't work.  fw #2 couldn't ping 1.2.3.4.

Can someone tell me if this is possible, and provide some hints
on how to set up the routes?

Thanks in advance,

--Mark

Mark Phillips @ Geometry Technologies, Inc.
550 Gilbert Building, 413 Wacouta St., St. Paul, MN 55101
Phone: 651-223-2884  Fax: 651-292-0014
mbp@geomtech.com       http://www.geomtech.com