Change source address based on destination IP

Posted by hgj on Server Fault
Published on 2013-11-04T09:58:37Z Indexed on 2013/11/04 15:57 UTC

We have several "router" machines that gather a lot of external IP addresses on the same host and redirect, NAT or proxy the traffic to the internal network. They also act as routers for the machines on the internal network. This works fine; however, I am unable to make the routing table so that I can change the source address based on the destination a machine from the internal network wants to access.

Let's say I have a router that has public addresses P1 (5.5.5.1/24) and P2 (5.5.5.2/24). All traffic goes through P1, but if necessary, the host is reachable on P2 too. This looks like this and works fine:

> ip addr
...
1: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether aa:bb:cc:dd:ee:11 brd ff:ff:ff:ff:ff:ff
    inet 5.5.5.1/24 brd 5.5.5.255 scope global eth1
    inet 5.5.5.2/24 brd 5.5.5.255 scope global secondary eth1:p2
...

Now I want to use P2 as the source address if I want to access the Google DNS service, for example (8.8.8.8). So I add a row in the routing table like:

> ip route add 8.8.8.8 via 5.5.5.254 dev eth1 src 5.5.5.2
> ip route
...
default via 5.5.5.254 dev eth1
5.5.5.0/24 dev eth1  proto kernel  scope link  src 5.5.5.1
8.8.8.8 via 5.5.5.254 dev eth1  src 5.5.5.2 
...

But this does not work. If I ping 8.8.8.8, the host still uses P1 as the source address, and does not use P2 at all for outgoing connections.

Am I doing it right? I guess not...
