Please refer to my previous posts on creating your own cloud service like DigitalOcean or Google Cloud: Part 1, Part 2 and Part 3.
In the last 2 weeks I got 1500+ followers. Thank you for following me and for the emails.
Today, I am going to tell you how you can connect your internal VMs / servers / containers / devices to a single external public IP.
When is it required?
You want to have 'n' internal VMs / servers / containers / devices but have only one public IP, as is the case on DigitalOcean / Google Cloud.
Getting another public IP may cost between 3-5 USD per month, and it is tricky to connect with your internal VMs / servers / containers / devices.
I will not deep dive into boring topics like types of IPs, gateways, network masks etc. So take a breath. But I believe you should know at least how to identify an IP: **Public or Internal?**
Public IPs start with 1 to 126, like 104.24.108.61 of dev.to.
IP addresses starting with 127 are reserved for localhost.
And everything else, starting with 128 to 233, is an internal IP.
If you are on Linux, run 'ifconfig', and on Windows run 'ipconfig', to see your machine address.
Can you identify whether the IPv4 address below is a public IP or my machine address?
This is my Machine Id. You are right.
Let us assume I have one public IP, 104.24.108.61, and the following internal IPs of "anythings" (internal VMs / servers / containers / devices).
anything1: 192.168.189.1 --> visit it on internet: 104.24.108.61
anything2: 192.168.189.4 --> visit it on internet: 104.24.108.61:8080
anything3: 192.168.189.4:8844 --> visit it on internet: 104.24.108.61:9090
anything4: 192.168.189.4:9000 --> visit it on internet: 104.24.108.61:9000
We will use iptables for anything3. This example uses my favorite, Ubuntu.
Syntax:
(a) CREATE: listen for the internal IP on the public IP:
sudo -E bash -c 'iptables -t nat -I PREROUTING -i eth0 -p TCP -d 104.24.108.61 --dport 9090 -j DNAT --to-destination 192.168.189.4:8844 -m comment --comment "anything3 listening on dev.to ip"'
(b) CHECK: to check all IP rules:
sudo iptables -t nat -L PREROUTING --line-numbers
(Above, --line-numbers is part of the syntax.)
(c) DELETE: delete an IP rule:
sudo iptables -t nat -D PREROUTING 1
This will delete rule 1 as shown on screen by the check command.
(d) PERSISTENT: to keep the rule after a host restart:
sudo apt-get install netfilter-persistent
sudo netfilter-persistent save
Usage of iptables is not limited to connecting internal IPs to public IPs; you can also use it to have one internal IP listen for another internal IP.
I hope you liked the above article and learned something.
You are most welcome to join my team. You should contact me here for details.
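As an added example (not the author's code), the script below prints the rule from step (a) for a given mapping and refuses targets that are not RFC 1918 private addresses, the standard linked in the comments. The function names are hypothetical, the FORWARD rule is an addition for hosts whose FORWARD policy is DROP, and nothing is applied to the firewall.

```sh
#!/bin/sh
# Added example (not the article's code): prints rules, changes nothing.

is_port() {   # 1..65535, digits only
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

is_ipv4() {   # four dot-separated octets, each 0..255
  case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
  _ifs=$IFS; IFS=.; set -- $1; IFS=$_ifs
  [ $# -eq 4 ] || return 1
  for _o in "$@"; do
    [ "${#_o}" -le 3 ] && [ "$_o" -le 255 ] || return 1
  done
}

is_rfc1918() {   # 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16
  is_ipv4 "$1" || return 1
  case "$1" in
    10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
  esac
  return 1
}

# dnat_rules PUBLIC_IP PUBLIC_PORT INTERNAL_IP INTERNAL_PORT
dnat_rules() {
  is_ipv4 "$1" && is_port "$2" ||
    { echo "bad public endpoint: $1:$2" >&2; return 1; }
  is_rfc1918 "$3" && is_port "$4" ||
    { echo "bad internal target: $3:$4" >&2; return 1; }
  # Same rule shape as step (a); eth0 is the interface the article uses.
  echo "iptables -t nat -I PREROUTING -i eth0 -p tcp -d $1 --dport $2 -j DNAT --to-destination $3:$4"
  # After DNAT the packet is addressed to the internal host, so a FORWARD
  # chain with a DROP policy must allow it explicitly.
  echo "iptables -I FORWARD -p tcp -d $3 --dport $4 -j ACCEPT"
}

# anything3 and anything4 from the article's mapping list.
print_article_rules() {
  dnat_rules 104.24.108.61 9090 192.168.189.4 8844 &&
  dnat_rules 104.24.108.61 9000 192.168.189.4 9000
}

print_article_rules
```

Review the printed commands before running them with sudo; forwarding to a separate host also requires net.ipv4.ip_forward to be 1.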
Contact email: Manishfoodtechs@gmail.com.
Top comments (2)
Thank you for writing this how-to on reverse proxying. I haven't read the post in detail, however, I'd like to point out that the comment on IP addressing is incorrect. Please refer to this standards doc.
tools.ietf.org/html/rfc1918
Thanks AL for reply. Please note this is intentionally done for simplicity of article. Article treats Class [B+C] together as Internal IPs and Class A IP4 as Public IP. Which is also a standard.