I’m currently setting up a POC environment for a DDoS Protection System.
In order to detect attacks to a target server(Lets say 10.10.10.19), the network traffic must first
go the following way:
Internet -> ISP Router -> My VM host -> Router 1 VM -> DDoS Detection Device -> Router 2 VM -> The target Server(10.10.10.19).
Of course, the same thing applies to traffic that is outbound.
The problem that I have is that as soon as the traffic that is outgoing from the target server(10.10.10.19) reaches the “Router 1 VM”, the router routes all packets to 10.10.10.2 which is
the ISP gateway and correct.
The “Router 1 VM” itself has the IP address 10.10.10.6. But the return traffic from the target server(10.10.10.19) never reaches it because the ISP gateway does not seem to know a way to get to 10.10.10.19.
The perfect scenario would be that my ISP routes 10.10.10.19 via 10.10.10.6 but they told me that
they can’t easily do it and it will cost a fee, so this is not an option.
Note: The IP addresses that I’m using are global IP addresses which need to be reachable to the whole internet. I have changed them here for privacy reasons.
Is there anything I can do to make 10.10.10.19 reachable through 10.10.10.6 without my ISPs intervention?
