Routing understanding problem
For some days now I have been trying to get this to work, but I am close to giving up.
Situation: I have got a dedicated server in a datacenter with a WAN-IP and an additional WAN-subnet. (I call them "main IP" and "VM-subnet")
The server is virtualized and the additional subnet is for the virtualized machines (VMs).
Easy configuration: Connect all VMs to the host's eth0 and add all IPs manually - works.
Now I want to install an IDS, or just logging, for all VMs in a single VM (let's call it vmGW). So I have to route all traffic for the other VMs through this VM.
If the other VMs got an internal subnet (192.168.*) I could NAT and everything would work.
But my problem is: I want to give all VMs their WAN-IP (from the VM-subnet).
So the situation is: in vmGW there are two ifaces, one for the WAN and one for the internal LAN. And I have NO IDEA how to route this.
The fact that is driving me crazy is that the WAN iface (eth0) should get all the IPs via "ip addr add xxxx dev eth0", while the LAN iface (eth1) has an IP in this subnet.
I don't know how to route packets from iface A to iface B when they are in the same subnet.
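One way to build the gateway described above is proxy ARP: vmGW keeps the VM-subnet only on eth1, and eth0 answers the upstream router's ARP queries for the VM IPs instead of having them added to it. The script below is an added example, not code from the original post; eth0/eth1, the 203.0.113.0/28 subnet (RFC 5737 documentation range) and the iptables logging rules are assumptions you would replace with your own values.

```shell
#!/bin/sh
# Added example: vmGW as a proxy-ARP router in front of the VM-subnet.
# Assumed placeholder values (change to the real ones):
#   eth0 = WAN iface, carries only the main IP (NOT the VM IPs)
#   eth1 = LAN iface toward the VMs, gets one IP out of the VM-subnet
#   VM-subnet = 203.0.113.0/28; the VMs use 203.0.113.1 (eth1) as gateway
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
VM_SUBNET="${VM_SUBNET:-203.0.113.0/28}"
LAN_ADDR="${LAN_ADDR:-203.0.113.1/28}"

# Print the configuration as commands; apply_config runs them.
gen_config() {
    # eth1 owns the VM-subnet and eth0 does not, so the /28 is a connected
    # route out eth1 only and the kernel forwards between the two ifaces.
    echo "ip addr add $LAN_ADDR dev $LAN_IF"
    echo "sysctl -w net.ipv4.ip_forward=1"
    # proxy_arp on eth0: vmGW answers ARP "who has <VM IP>" from the
    # upstream router with its own MAC, because the route to that IP
    # leaves via a different iface (eth1). No VM IP is added to eth0.
    echo "sysctl -w net.ipv4.conf.$WAN_IF.proxy_arp=1"
    # Strict reverse-path check: a packet with a VM-subnet source address
    # is only accepted when it arrives on eth1.
    echo "sysctl -w net.ipv4.conf.$LAN_IF.rp_filter=1"
    # Every packet to or from the VMs is forwarded here: log it (rate
    # limited) for the IDS, allow it, drop everything else.
    echo "iptables -A FORWARD -d $VM_SUBNET -m limit --limit 20/s -j LOG --log-prefix 'vmgw-in: '"
    echo "iptables -A FORWARD -s $VM_SUBNET -m limit --limit 20/s -j LOG --log-prefix 'vmgw-out: '"
    echo "iptables -A FORWARD -d $VM_SUBNET -j ACCEPT"
    echo "iptables -A FORWARD -s $VM_SUBNET -j ACCEPT"
    echo "iptables -P FORWARD DROP"
}

apply_config() {
    gen_config | while IFS= read -r cmd; do
        echo "+ $cmd"
        eval "$cmd"
    done
}

# Only touch the system when explicitly asked (run as root): APPLY=1 ./vmgw.sh
if [ "${APPLY:-0}" = 1 ]; then
    apply_config
fi
```

The upstream router must see the VM-subnet on the same L2 segment as eth0 (the situation in which "add all IPs manually on eth0" works); if the provider instead routes the subnet to the main IP, the proxy_arp line is unnecessary. Run without APPLY=1 to only review the generated commands.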