Manao ahoana, Hello, Bonjour,
My server has 3 public IPs: IP1, IP2, IP3.
I intend to create 3 bridges: virbr1, virbr2, virbr3.
Each bridge will NAT from 3 to 5 KVM guests.
About IP1:
I would like incoming connexion on IP1 to:
- IP1:80 to be DNAT'd to one virbr1 VM, specialized on HTTP
- IP1:3306 to be DNAT'd to another virbr1 VM, specialized on MySQL
- IP1:53 to be DNAT'd to another virbr1 VM, specialized on DNS
Same about IP2 and IP3.
Should I assign a public IP address to each brdige?
I think "no" because there will be a problem of network segment:
--> What range will I give to the guests?
I think my only solution is to give private IPs (192.168.X.X) to the
brigdes (3 separate subnets), and use iptables with something like:
iptables -t nat -A PREROUTING -p tcp -m tcp -d $IP1 --dport 80 \
-j DNAT --to-destination $VIRBR1_HTTP_GUEST
iptables -t nat -A PREROUTING -p tcp -m tcp -d $IP1 --dport 3306 \
-j DNAT --to-destination $VIRBR1_MySQL_GUEST
iptables -t nat -A PREROUTING -p udp -d $IP1 --dport 53 \
-j DNAT --to-destination $VIRBR1_DNS_GUEST
Should be alright?
More informations: I use Ubuntu 9.10
Misaotra, Thanks, Merci.
--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche & Developpement
+261 34 29 155 34 / +261 33 11 207 36