Port forwarding problem?

A

Alexey Tutubalin2014-12-18 13:18:05

Domain Name System

Alexey Tutubalin, 2014-12-18 13:18:05

There are 2 vps the first vps ip 1.1.1.1 the second vps 2.2.2.2 and there is a main server with ip 3.3.3.3 and 4.4.4.4 vps are used for dns servers and nginx is also configured to redirect sites from vps to the main server through a proxy pass, the problem is remained only with xbt with port 2712 standing on the main server how to make it work through vps gateways? xbt works with passkey, so it is not possible to do proxying through nginx.
i used iptable rules
for first vps
iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp --dport 2712 -j DNAT --to-destination3.3.3.3:2712
iptables -t nat -A POSTROUTING -d 3.3 .3.3 -p tcp --dport 2712 -j SNAT --to-source 1.1.1.1:2712
iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp --dport 2712 -j DNAT --to-destination 4.4 .4.4:2712
iptables -t nat -A POSTROUTING -d 4.4.4.4 -p tcp --dport 2712 -j SNAT --to-source 1.1.1.1:2712
for second vps
iptables -t nat -A PREROUTING -d 2.2.2.2 -p tcp --dport 2712 -j DNAT --to-destination3.3.3.3:2712
iptables -t nat -A POSTROUTING -d 3.3.3.3 -p tcp --dport 2712 -j SNAT --to-source 2.2.2.2:2712
iptables -t nat -A PREROUTING -d 2.2.2.2 -p tcp --dport 2712 -j DNAT --to-destination 4.4.4.4:2712
iptables -t nat -A POSTROUTING -d 4.4.4.4 -p tcp --dport 2712 -j SNAT --to-source 2.2.2.2:2712
but they don't always work

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

P

Power, 2014-12-18
@Power

First, it's not clear what you need to do.
Secondly, in this case, for SNAT, you do not need to specify a port.
Thirdly, and most importantly, you have two identical rules with different goals:

iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp --dport 2712 -j DNAT --to-destination 3.3.3.3:2712
iptables -t nat -A PREROUTING -d 1.1.1.1 -p tcp --dport 2712 -j DNAT --to-destination 4.4.4.4:2712

Of these, the first one always works. This is hardly what you wanted.