MAC-Address based routing
Posted by d-fens on Server Fault
Published on 2012-11-28T16:11:57Z
Here is what I want to do:
I have a bunch of systems, some of which might have the same public IP, and I disable ARP. I have a firewall (either IP layer or bridge FW) between these systems and the internet. Depending on the destination port of incoming IP packets to some of these public IPs, I want to set the destination Ethernet address. So for instance:
System A has IP 8.8.8.8, MAC de:ad:be:ef:de:ad, ARP disabled
System B has IP 8.8.8.8, MAC 1f:1f:1f:1f:1f:1f, ARP disabled
Firewall has IP 8.8.8.1, ARP disabled on that interface
1. Incoming packet to IP 8.8.8.8 TCP dest port 100
2. Incoming packet to IP 8.8.8.8 TCP dest port 101
Firewall sets dest MAC for 1.) -> de:ad:be:ef:de:ad
Firewall sets dest MAC for 2.) -> 1f:1f:1f:1f:1f:1f
Second scenario:
System A and System B establish outgoing TCP connections, and the firewall matches the destination MAC of the incoming IP packets (response packets) to the sender's MAC address.
Is this possible in any way with Linux and iptables?
Edit: I read ebtables might "work" in a hackish way for this purpose, but I am not sure...
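An added example, not part of the original post and not an iptables or ebtables configuration: a small Python model of the lookup a firewall would have to perform in both scenarios. The class and function names and the remote address 192.0.2.10 are constructed for illustration; the model also shows the case where both systems, sharing one IP, use the same source port to the same remote endpoint, which leaves the reply ambiguous.

```python
"""Model of a firewall choosing the destination MAC per flow (illustrative only)."""
from typing import NamedTuple, Optional

A_MAC = "de:ad:be:ef:de:ad"   # System A, from the post
B_MAC = "1f:1f:1f:1f:1f:1f"   # System B, from the post

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    src_mac: str = ""          # only known for frames arriving from the inside

# Scenario 1: static table (public IP, TCP destination port) -> inside MAC.
PORT_MAP = {("8.8.8.8", 100): A_MAC, ("8.8.8.8", 101): B_MAC}

class Firewall:
    def __init__(self, port_map):
        self.port_map = dict(port_map)
        self.flows = {}        # scenario 2: TCP 4-tuple -> MAC of the inside sender

    def outbound(self, pkt: Packet) -> bool:
        """Record the sender MAC of an outgoing connection.
        Returns False when a different host already owns this exact 4-tuple."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        owner = self.flows.setdefault(key, pkt.src_mac)
        return owner == pkt.src_mac

    def inbound(self, pkt: Packet) -> Optional[str]:
        """Return the destination MAC for a packet from the internet, or None to drop."""
        # A response packet is the mirror image of a recorded outgoing flow.
        key = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if key in self.flows:
            return self.flows[key]
        return self.port_map.get((pkt.dst_ip, pkt.dst_port))

if __name__ == "__main__":
    fw = Firewall(PORT_MAP)
    remote = "192.0.2.10"      # constructed remote host (documentation range)
    print("port 100 ->", fw.inbound(Packet(remote, 40000, "8.8.8.8", 100)))
    print("port 101 ->", fw.inbound(Packet(remote, 40000, "8.8.8.8", 101)))
    print("A opens  ->", fw.outbound(Packet("8.8.8.8", 50000, remote, 443, A_MAC)))
    print("reply    ->", fw.inbound(Packet(remote, 443, "8.8.8.8", 50000)))
    # Same IP, same source port, same remote endpoint: the flow is already A's.
    print("B clash  ->", fw.outbound(Packet("8.8.8.8", 50000, remote, 443, B_MAC)))
```

Because the two systems share an IP, the source MAC is the only thing that distinguishes them on the way out, so a real implementation would need to reject or rewrite the source port of the second connection when `outbound` reports a clash.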
© Server Fault or respective owner