Send packets to yourself, out one interface and in another
I'm developing software to be used for testing hardware, so I want to do something that would normally be, well, wrong. I have a host with multiple network interfaces all connected to a single switch, and I want to send packets out interface A and back in interface B. (And then out A and in C, etc.) If you just do something straightforward like pinging, the network stack figures out that the packets are going to itself and "helpfully" doesn't bother sending any packets over the wire.
I believe that when IP addresses are translated to MAC addresses, it figures out that the destination MAC address is an interface on itself and the kernel takes the packet and handles it as if it had just been received on the incoming interface.
I'm not very informed about iptables but it doesn't seem to me that iptables would help at all here. I think this would require sending and receiving packets below the IP level.
The problem is mostly straightforward if I have an external device on the switch that I can use as a ping target. However, this test would be more valuable and useful if it did not involve an external device.
I wonder if anybody has a clever idea how to do this? Could I be mistaken and some magic iptables incantation do the trick? Can you point me to how I could write a program that sends and receives packets below the IP level?
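#include <sys/socket.h>   /* socket() */
#include <netinet/in.h>   /* IPPROTO_TCP */
int fd;
fd = socket(AF_INET, SOCK_RAW, IPPROTO_TCP);   /* raw socket; requires root */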
There is a fair bit of help on the net; Google 'raw socket', or search these forums for details.
Note that using raw sockets requires root privileges, since none of the content of the packets can be vetted by a trusted stack.
Also, you should/may be able to coerce an existing IP stack to route to different interfaces depending on the destination address. Probably requires using separate subnets. Maybe someone else can provide details on this.
Thanks for the tip on raw sockets. I'll look into that. However it looks like raw sockets are still going through IP.
Unless I'm quite mistaken, getting an IP stack to route packets out a particular interface won't prevent the lower level of the stack from looking at the destination MAC, figuring out that the MAC is on the same host, and optimizing away actually sending the packet over the wire.
According to the Linux man page for the socket interface, there is the possibility of binding a socket to a specified interface.
I was going to try to post a concise example of how to accomplish this, but as it is slightly less than trivial, I will instead refer you to the bacnet4linux project on SourceForge. In there, you can find code to attach a raw socket to a specified interface. See, in particular, the files main.c, net.c, and ethernet.c. I did not write that code, but have adapted and used the package extensively, and can say with complete certainty that it does work.
I think that using the raw sockets interface allows you to send datagrams that may not conform to the usual expectations of formatting (which is why it requires root privileges), and the usual 'optimization' is not performed.
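The approach the thread converges on, a socket bound to one interface and working below IP, as an added example (not code from any poster here or from bacnet4linux). It uses a Linux AF_PACKET socket; the function names, the probe layout and the experimental EtherType 0x88B5 are choices made for this example, and the caller supplies the interface names and their MAC addresses.

```c
#include <arpa/inet.h>
#include <linux/if_packet.h>
#include <net/if.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

#define PROBE_TYPE 0x88B5  /* IEEE 802 local experimental EtherType: the IP stack never sees it */
#define PROBE_LEN  60      /* minimum Ethernet frame length, FCS excluded */

/* Link-layer socket bound to one interface (root or CAP_NET_RAW); -1 on failure. */
int open_bound(const char *ifname) {
    struct sockaddr_ll sll = { .sll_family = AF_PACKET, .sll_protocol = htons(PROBE_TYPE) };
    int fd = socket(AF_PACKET, SOCK_RAW, htons(PROBE_TYPE));
    sll.sll_ifindex = (int)if_nametoindex(ifname);
    if (fd >= 0 && (sll.sll_ifindex == 0 || bind(fd, (struct sockaddr *)&sll, sizeof sll) < 0)) { close(fd); fd = -1; }
    return fd;
}

/* Frame layout: dst MAC | src MAC | EtherType | 32-bit sequence | zero padding. Returns length, 0 if buf is too small. */
size_t build_probe(uint8_t *buf, size_t cap, const uint8_t *dst, const uint8_t *src, uint32_t seq) {
    uint16_t type = htons(PROBE_TYPE);
    uint32_t nseq = htonl(seq);
    if (cap < PROBE_LEN) return 0;
    memset(buf, 0, PROBE_LEN);
    memcpy(buf, dst, 6);
    memcpy(buf + 6, src, 6);
    memcpy(buf + 12, &type, 2);
    memcpy(buf + 14, &nseq, 4);
    return PROBE_LEN;
}

/* Send a probe out if_a, wait up to 1 s for it on if_b: 1 = seen on if_b, 0 = not seen, -1 = setup error. */
int wire_test(const char *if_a, const uint8_t *mac_a, const char *if_b, const uint8_t *mac_b, uint32_t seq) {
    uint8_t tx[PROBE_LEN], rx[1514];
    struct timeval tv = { .tv_sec = 1 };
    int a = open_bound(if_a), b = open_bound(if_b), ok = -1;
    ssize_t n;
    if (a >= 0 && b >= 0 && setsockopt(b, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv) == 0 &&
        send(a, tx, build_probe(tx, sizeof tx, mac_b, mac_a, seq), 0) == PROBE_LEN) {
        for (ok = 0; !ok && (n = recv(b, rx, sizeof rx, 0)) > 0; )
            ok = n >= 18 && memcmp(rx, tx, 18) == 0;  /* addresses, type and sequence all match */
    }
    if (a >= 0) close(a);
    if (b >= 0) close(b);
    return ok;
}
```

Because the receiving socket is bound to if_b only, a return of 1 means the frame was handed to if_a's driver and arrived on if_b. For example, `wire_test("eth1", mac_eth1, "eth2", mac_eth2, 1)`, where the interface names are placeholders.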