Great Circle Associates Firewalls
(November 1997)
 


Subject: Re: NAT Security / static mapping
From: ccf15429 @ cc . iitd . ernet . in (Akhila Sinha)
Date: Fri, 28 Nov 1997 12:01:28 +0530 (IST)
To: sgcccdc @ citec . qld . gov . au (Colin Campbell)
Cc: firewalls @ greatcircle . com
In-reply-to: <Pine . LNX . 3 . 95 . 971128162304 . 348I-100000 @ guru . citec . qld . gov . au> from "Colin Campbell" at Nov 28, 97 04:28:10 pm
Reply-to: ccf15429 @ cc . iitd . ernet . in

Colin Campbell had written ::
>
>What sort of dynamic do you want?
>
>If you had a fixed external address that connected to any one of
>several internal hosts that would make sense for a load balancing type
>of scenario.
>

Hello.
Dynamic mapping of published IP addresses to internal ones could 
give us what we need, which could be called  "Load balancing" in some
sense: on IP addresses and number of simultaneously accessible hosts.

Let me explain. The scenario is :

We  have a requirement to connect from several external
hosts to multiple ports on multiple internal hosts, through a  variety
of tcp/udp applications.  For reasons of limited IP address space
and auditing, NAT seems like a good thing to have.   

But static mapping is not a good solution for us:  We would prefer to
have only a limited number of hosts accessible at any time out of a 
larger pool of hosts which could be "potentially accessed". This is
because some of the hosts may be on decentralized admin  whereas the
security should be preferably controlled at the perimeter.

So I thought of limiting the number of published IP addresses
and "time-sharing" these among the several machines which would
like to make their services available. 

It looks like I am looking
for a firewall which also provides a "Dynamic Domain names" service
so I can access  the internal server by a domain-name which might be 
mapped dynamically to different internal addresses through dns-NAT.

OR is this a Reverse Proxy situation ? { I only have a hazy notion 
of what this term means }

Cheers,

Akhila  Sinha

