forwarding *some* web traffic to a virtual machine

Matt Price moptop99-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Wed Sep 8 15:17:42 UTC 2010


On Tue, Sep 7, 2010 at 5:13 PM, James Knott <james.knott-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org> wrote:

> William Muriithi wrote:
>
>> I am not certain this will help Matt. He is trying to avoid using 2
>> IPv4 IPs but still be reachable by the public - Who are all still
>> mostly in IPv4.  I think he solution is some kind of NAT/PAT and that
>> is it
>>
>> Problem with using IPv6 is he will still not be reachable from IPv4.
>> Those two protocols have different headers - for efficiency reasons -
>> and therefore not compatible.  That imply he will need a kind a
>> tunnel, but one way or the other that tunnel will expose the IPv6 as 2
>> IPv4 IPs.  So the initial problem will still remain only far down the
>> stream. I could be wrong though
>>
>>
>
> My understanding was that he wanted access to that computer using ssh etc.
> for a few computers.  With the method I proposed, he would set up a tunnel
> from that computer, using it's existing single IPv4 address to the tunnel
> broker.  He'd then set up the other computers with their own tunnels to that
> broker.  All the computers will now have their own IPv6 addresses via the
> broker, so they can communicate via IPv6.  It's just a method of making
> another IP address available, in a situation where there'd otherwise be just
> one.  For the various protocols, it's completely transparent.  In addition,
> he can configure a subnet, should he desire, to obtain a huge (2^72) number
> of IPv6 addresses.  With some tunnel brokers, he can even get 2^80 (a
> trillion, trillion) addresses!

 a trillion trillion!  i could serv each web page from a billion, trillion
addresses!
I think James is right that IPv6 is not the right thing for me at the
moment.  It's true I'll need to have ssh access to the VM's only from a few
computers, but I suppose I could just do that with something like this:

ssh host.computer.dns.entry -e "ssh internal.private.ip.of.vm"

i hadn't realized that the default NAT network options for vmbuilder allow
straightforward network connection to the vm.  that actually works veyr well
for me -- o at least, i think it will -- currently waiting for hte u of t
admins to hook my box up...

thanks again to eveyrone,
matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/legacy/attachments/20100908/7ddcb2b9/attachment.html>


More information about the Legacy mailing list