How do I redirect/forward/route/proxy TCP-connections to a different host (on the same network) while keeping the source IP intact?
Is it possible that in this scenario the destination server answers directly to the source IP instead of going through the original one?
And how do I switch to a different destination, while not losing any packets?
In more detail:
I have a webserver (on port 80 and 443) which sometimes needs an update.
So I installed a second webserver with the same config.
Now I want a TCP-Proxy in front of it to switch between them without losing any packets!
I do not need a real HA-solution like HAProxy.
iptables should be enough.
But it seems to me all documentation and hints are lying....
So how do I do this?
My setup:
Everything is CentOS 7 with pure iptables (no firewalld).
You will NOT get access to my machines! Tell me the solution or I type something and show you the results....
My 'tcp-proxy' has three IPs and so do my webservers. They are all on the same subnet.
tcp-proxy-A, tcp-proxy-B, and tcp-proxy-C
webserver1-A, webserver1-B, webserver1-C
webserver2-A, webserver2-B, webserver2-C
I want now:
tcp-proxy-B:80 -> webserver1-B:80 and tcp-proxy-B:443 -> webserver1-B:443
tcp-proxy-C:80 -> webserver1-C:80 and tcp-proxy-C:443 -> webserver1-C:443
And in case webserver1 has to go down I will force for NEW connections
tcp-proxy-B:80 -> webserver2-B:80 and tcp-proxy-B:443 -> webserver2-B:443
tcp-proxy-C:80 -> webserver2-C:80 and tcp-proxy-C:443 -> webserver2-C:443
while the old current connections to webserver1 should still work until the transmissions end normally!
After some time webserver2 is the current live webserver and I can switch off webserver1.
And after some work/days I will switch back to webserver1 without losing a packet!
I am in an environment with NAT. (In case that this is important.)
I tried the following and failed:
[login to view URL]
[login to view URL]
[login to view URL]
Maybe I overlooked something trivial, maybe not.....
Hi :)
I can help you with this task. My recommendation is to use Nginx HTTP Proxying/Load balancing for doing the same.
Awaiting your reply.
Thank you!
Hello Mate! I am an expert Ubuntu 16.04 LTS Xenial Xerus security system admin. I will do the TCP-Proxy/Forwarder for the webserver for you. I can start now. I hope you will enjoy working with me.
Thanks
Arman