Hello, I have the following situation and I have been googling a lot but I don't find the right solution.

I have an application hosted into a server, the server has 4 Public IP address. The application must connect to a remote application which is hosted in a remote IP. The application has different modules an this modules mast connect to de remote app using different public IPs.

To do this I want to do a local IP alias to the remote IP, binded to one public IP, so the app module connects to the local alias and the connection must be routed to the remote app through an speciffic public IP.

Graphically:
|-------------- SAME SERVER -------------|
MOD APP1 --> LOCAL ALIAS1--> Public IP1 -->|INTERNET|--> Remote IP
MOD APP2 --> LOCAL ALIAS2--> Public IP2 -->|INTERNET|--> Remote IP
MOD APP3 --> LOCAL ALIAS3--> Public IP3 -->|INTERNET|--> Remote IP

Additionally the server has exposed to Internet, the public IPs are assigned to the server. The App is deployed in the same server.

How is the smart way to do this??? I have been trying different way without success.

Thank YOU!!!

hi,

a little tricky questions - but was that apache server?
how many NIC did you use for those 4 IPs?

i think #man ip|grep 'ip rule add' -> will help a bit.

HTH.

hi, thanks about your response. The server only have one NIC but I have configured 4 VLAN over eth0.

Another additional data is that there is a racoon tunnel between each public IP and the remote server.

I have configured 4 set of SPD rules for each connection, so the traffic generated with source the public IP address will be routed through the tunnel.

If I only use routing the remote machine always will see my traffic from one of my public IPs. Technically as the remote host is the same for all the modules, all the modules are connecting well but always from the same source Address instead of different ones.

The application is running in tomcat. Each modules connect to the remote Web Service setting up a socket. I have no possibility to change the source code to change that the socket was binded to an specific IP, so I suppose the idea to connect the socket to an alias and this alias was Nated directly to the remote IP through a specific public IP.

I don't know if I am clear to express my problem, it don sound soomething difficult but I get stuck with that.

Thank you in advance!

hi juan,

i get the point - but, is there any higher problem with your current connection (why you need to re-map once again?) - they already worked didnt they?

or perhaps you need to LOG which remote IP doing transaction with which local apps?

ok - the racoon set the tunnel 1 to 1, 2 to 2 and so forth,
if that has already worked then the next step is doing my "ip rule" proposal (please read the manual carefully - its there) - so your NIC can understand which traffic come from which side of NIC (which vlan) and should be directed to which which remote IP. you can do this with iproute2 - even per single IP.

i have a little clue on my blog "doing PBR" - but it uses iptables as filter - not ip rule - but i hope you get the picture.

i think its better to start one at a time - beginning from the remote IP.

HTH.

Thank you I will try with that. I keep you updated with my results.

Thanks Again!

I have been trying to do this with "ip rule/route" combined with iptables but I can't to get it working. I feel so frustrated and so dumb!