Dual ethernet routing

rcketscientist · 05-27-2013, 09:08 PM

I'm looking to build a home server that will serve as an HTPC as well as a web/media server. Some of the data is on a separate VPN network. I'd therefore like to have access to both my direct network and my VPN network (two routers) at the same time, but for different applications.

I'm fairly certain I can do this with a virtual NIC in a VM, but I'm wondering if Linux will offer a more elegant solution.

Assuming dual NIC with one network on each is there a way in linux to route specific apps to a specific NIC? I'd like most network traffic to be direct, while specific apps get routed through the VPN.

I've had no luck searching for such a specific use case. I really appreciate any help. Thanks!

evo2 · 05-27-2013, 09:15 PM

Hi,

have you considered using a socks proxy instead of a vpn?

Cheers,

Evo2.

rcketscientist · 05-27-2013, 09:18 PM

That's not my question at all. As noted in the post my question is related to managing two networks with two NICs on a per app basis.

evo2 · 05-27-2013, 09:25 PM

Hi,

Quote:

Originally Posted by rcketscientist

That's not my question at all. As noted in the post my question is related to managing two networks with two NICs on a per app basis.

Great.

Sorry, can't help with a 2 nic setup that but you could achieve something similar (and only requiring one nic), with a socks proxy using ssh with -D. Then, any programs that you want to use the proxy (that don't natively know how to use a socks proxy) can be run under tsocks.

HTH,

Evo2.

rcketscientist · 05-27-2013, 09:50 PM

Thanks for the quick reply. I'm a complete noob on routing and I looked into the socks proxy, but I don't quite understand how that would get me on the VPN network.

Would the proxy basically be a tunnel to the VPN server?
Is the ssh acquiring the VPN connection?
And in Linux I can specify use of the tunnel on a per-app basis?

Do you have any recommended reading material online? Thanks!

evo2 · 05-27-2013, 10:01 PM

Hi,

Quote:

Originally Posted by rcketscientist

Thanks for the quick reply. I'm a complete noob on routing and I looked into the socks proxy, but I don't quite understand how that would get me on the VPN network.

No problem.

Quote:

Would the proxy basically be a tunnel to the VPN server?

Yes, but that machine does not need to be running a VPN server, just sshd.

Quote:

Is the ssh acquiring the VPN connection?

The tunnel/proxy is created by ssh.

Quote:

And in Linux I can specify use of the tunnel on a per-app basis?

Yes.

Quote:

Do you have any recommended reading material online? Thanks!

I don't know of any, but it is pretty trivial.

To set up the tunnel from your local machine "my.home.com" to the remote host, called "my.remote.com", you would do:

Code:

ssh -f -N -D localhost:6666 my.remote.com

Now, port 6666, on my.home.com provides a socks proxy to my.remote.com. So, for example you could then configure your web browser to use this (I do this with chromium). For other progarms that don't know how to use a socks proxy you can use of tsocks. So, on my.home.com you'd have an /etc/tsocks.conf that contains:

Code:

server 127.0.0.1
server_port 6666

Then you would launch the program like:

Code:

tsocks someprogram

Cheers,

Evo2.

rcketscientist · 05-28-2013, 09:38 PM

Wow thanks for the extremely detailed response. That all makes perfect sense now. A lot simpler than using two networks anyway. Thanks again!