I think I've failed to describe what I'm trying to do, so I'm describing it again.

The client will send requests to BOX2's IP. BOX1's IP is used only for management purposes. All requests destined to BOX2's IP will go through BOX1. BOX1's IP will not be available to clients.

Another thing is that the service running on BOX2 is very sensitive to NAT-like stuff. Primary NATing for clients is managed externally, but no packet header modification (as in the case of iptables -t nat) is desirable.

On Mon, Apr 16, 2012 at 9:16 PM, Ken godee <ken at perfect-image.com> wrote:
>
> On 4/16/2012 8:04 AM, Arif Hossaiin wrote:
> > I need to set up the following network architecture:
> >
> >
> >                     Internet
> >                         ^
> > +-----------------+     |          +------------------+
> > | Centos6-1       |     |          | Centos6-2        |
> > |      +---- eth0 + ----+          |                  |
> > | (br0)|          |                |                  |
> > |      +---- eth1 +----------------+ eth0             |
> > +-----------------+                +------------------+
> >                  ( cable connection )
> >
> >
> > Two public IPs are to be configured as follows:
> >
> > + **eth0** and **eth1** of **Centos6-1** are to be configured as a bridge
> > with IP1
> > - **Centos6-1** can be accessed with IP1
> > - **eth0** of **Centos6-2** is configured with IP2
> > - any request destined to IP2 will flow through **Centos6-1**
> >
> > How can I accomplish this feat?
>
> Not sure if I'm understanding this....
>
> You're trying to present a service running on box 2 to the internet
> through box 1's public interface? (securely)
>
> If so I might have a look at this software....
>
> http://www.delegate.org/delegate/
>
> You'll be able to create a reverse proxy on box 1 to box 2 or
> any services running on your internal network, etc.
>

--
-aft