> What about doing an SSH tunnel? I know, with all this
> planning I could have just moved the box already and it'd be
> back up but it's the principle :-).

But if you want it to respond to requests to its real IP, and to the IP which is on the box doing the forwarding, you need to have some way for it to figure out whether to send the packets back out of the regular ethernet interface, or over the tunnel. And for that, you need to do source routing. That will send packets back through the last hop they came from, regardless of the default route on the box. In the case of the port forwarding box, the hop that it came from would be the IP on the other side of the tunnel.

So yes, you can do an ssh tunnel, but it's probably just faster to make a low TTL on your DNS server, and then move it long enough after the original TTL expires, and change the DNS to the new IP when you physically move it.

>
> -Brian
>
> _______________________________________________
> Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
> http://www.mn-linux.org tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
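On Linux, the reply-path behaviour described in the message above is usually set up as source-based policy routing with `ip rule` and a second routing table. The sketch below is an added example, not part of the original post: every address, the `tun0` interface name, the table number and the rule priority are constructed placeholders, and it assumes the forwarding box passes traffic to the tunnel address without rewriting the client's source address. It prints the commands unless `APPLY=1` is set (applying them needs root).

```shell
#!/bin/sh
# Added example; all values are constructed placeholders.
REAL_IP="192.0.2.10"   # moved box's own address on the ethernet interface
TUN_IP="10.8.0.2"      # moved box's address on the tunnel
TUN_PEER="10.8.0.1"    # forwarding box, on the other side of the tunnel
TUN_DEV="tun0"         # tunnel interface name (assumed)
TABLE="100"            # spare routing table number (assumed)
PRIO="1000"            # rule priority, ahead of the main table (assumed)

# Print each command; execute it only when APPLY=1.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

tunnel_reply_routing() {
    # The extra table holds a single default route: the tunnel peer.
    run ip route replace default via "$TUN_PEER" dev "$TUN_DEV" table "$TABLE"
    # Remove a stale copy of the rule so re-running does not stack duplicates.
    run ip rule del from "$TUN_IP" table "$TABLE" priority "$PRIO" 2>/dev/null || true
    # Replies sourced from the tunnel address use the extra table, so they
    # go back over the tunnel. Replies sourced from REAL_IP match no rule
    # here and follow the main table's default route out the ethernet side.
    run ip rule add from "$TUN_IP" table "$TABLE" priority "$PRIO"
}

# Show which way a reply to CLIENT would leave for each local source address.
check_paths() {
    client="$1"
    run ip route get "$client" from "$TUN_IP"
    run ip route get "$client" from "$REAL_IP"
}

tunnel_reply_routing
check_paths 198.51.100.7   # constructed client address
```

With `APPLY=1`, the first `ip route get` line should name `tun0` and the second the ethernet interface; if both show the same device, the rule is not taking effect.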