Web lists-archives.com

Re: Only using masquerading on internet facing server

On Thursday, March 14, 2019 04:26:06 AM john doe wrote:
> By the answers in this thread, I guess I need to explane what I have and
> what I'm trying to do.

As someone observing from the peanut gallery, it would help me if the 
explanation was a little less detailed -- sort of an overview.

Let me make a guess, using maybe some acronyms (which I should probably try to 

I'm guessing that you have a private LAN ( behind server b, with 
no direct connection to the Internet.  

Ahead of that, to provide a connection to the Internet, you have server A.

The combination of the two is intended to create a DMZ (iirc) -- a place where 
you can put computers / servers that are more accessible from outside the LAN.


> Server a and server b are identical, server a is the internet facing
> server which has one network behind it (eth1 and eth0 is
> the interface connected to the internet), server b is behind server a
> and connected using the eth0 interface.
> Server b is behind server a and is connected to server a through eth0,
> server b has one network behind it (eth1
> For now both server (a and b) are responsible for MASQUERADING the
> networks behind them.
> So server a MASQUERADEs and server b MASQUERADEs
> MASQUERADE is only needed on server a.
> Does it help understanding what I'm trying to do?
> I really appriciate any help/hint.
> --
> John Doe