[AusNOG] Redirecting a TCP port both directions
James Hodgkinson
yaleman at ricetek.net
Tue Apr 8 23:27:06 EST 2014
Do you have an AWS VPC going? From their FAQ (
http://aws.amazon.com/vpc/faqs/):
> Q. What IP address ranges are assigned to a default VPC?
> Default VPCs are assigned a CIDR range of 172.31.0.0/16. Default
subnets within a default VPC are assigned /20 netblocks within the VPC CIDR
range.
Sounds like (from the rest of the page) you might need to double check the
config...?
James
On 8 April 2014 12:07, Geordie Guy <elomis at gmail.com> wrote:
> Hi Folks,
>
> Working with a B2B partner who has exposed non-RFC1918 addresses
> 172.31.1.2 and 172.31.1.3 through a VPN tunnel to our environment, and this
> works fine for hitting a web service down the tunnel from our local
> networks. We have a development footprint in AWS that is shanking at this,
> because an overlying abstraction layer for how AWS S3 instances route means
> that if it sees a non-RFC1918 range it sends it out to the Internet
> regardless of any host or other level routes that are specified. I can set
> route add 172.31.1.0/24 via a gateway or for that matter the loopback
> until I go blue in the face and the server will merrily continue to try and
> find the IP on the Internet.
>
> What I need to do, other than not allow design decisions that involve non
> RFC-1918 addresses for private networks, is redirect a TCP port (443) from
> an IP that I *CAN* hit inside our network, to the 172.31.1.0 range down the
> tunnel, so that 1654287.r.msn.com stops scratching his head at the
> traffic trying to hit him from AWS.
>
> What do I do to accomplish this? Netcat? And before anyone says NAT,
> there's already been enough bad decisions made here.
>
> Regards,
>
> Geordie
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140408/942d552a/attachment.html>
More information about the AusNOG
mailing list