| Paul Sala 2004-01-19, 3:02 pm |
| Here's my problem:
There is a firewall (FW1) between client and serverA. There is a
firewall (FW2) between ServerA and two HTTP servers. Only ServerA can talk to
both client and the HTTP servers. Client cannot request addresses that are
behind FW2, so the addresses must be translated by serverA.
See text diagram:
client -> FW1 -> ServerA(9.1.2.3) -> FW2 -> HttpSrv1(www.abc.com 9.3.4.4)
                                         -> HttpSrv2(www.xyz.com 9.3.4.5)
I need ServerA listening on:
9.1.2.4:80
9.1.2.5:80
When ServerA gets a request from client thru FW1 for:
9.1.2.4:80 it must forward it to 9.3.4.4:80 and 9.3.4.4 must send reply
back thru FW2 to serverA to FW1 to client
9.1.2.5:80 it must forward it to 9.3.4.5:80 and 9.3.4.5 must send reply
back thru FW2 to serverA to FW1 to client
Question is, what should serverA be? I can't use LB or CBR/Proxy because
they can only direct traffic on the same subnet.
I have two possible solutions, but I am not sure if they will work:
1. Make serverA a LoadBalancer running in NAT mode. Would this work? When
LB is run in NAT mode, requests and replies both go thru the LB server. I
could set up different cluster addresses to do the address translations.
2. Make serverA a proxy server. Would the proxy server be able to listen on
more than one address and do the address translation? Can the caching proxy
server that comes with the LB product run alone or does it have to run with
CBR?
Any other ideas?
Thanks.......Paul
|