LinuxQuestions.org
Old 03-04-2002, 04:44 PM   #1
Jon-
Member
 
Registered: Dec 2001
Distribution: RH5.2/6.2/7.0/7.1/7.2/9/ES21/ES31
Posts: 91

Rep: Reputation: 15
Force outbound reply traffic to reuse inbound non-gw NIC?


Ok, a rather confusing subject... fairly simple question though..

Kernel 2.2 server. I have 2 network cards. They both have a default route (though the route used by internally generated traffic is NIC1), and they are both public IP addresses. And, can both ping a public third external host fine (ping -I<ethx> <host>). They are on different networks.

If I connect (ssh) to the second NIC IP from an unknown third network that isn't on EITHER network including the NICs, it will try to return the outbound traffic via the default gw of the first NIC (the global default route). Is there some way to force the outbound reply traffic to go back out the way it came in (control the externally generated traffic)? I'd still want outbound originating traffic to leave via the regular default route gateway.

I guess what I need is a way to filter the packets such that outbound return traffic goes back out the adapter it arrived on but outbound originating traffic goes out the regular normal default gw. Stateful routing??

Thanks,
Jon

Last edited by Jon-; 03-04-2002 at 04:45 PM.
 
Old 03-04-2002, 06:52 PM   #2
Jon-
Member
 
Registered: Dec 2001
Distribution: RH5.2/6.2/7.0/7.1/7.2/9/ES21/ES31
Posts: 91

Original Poster
Rep: Reputation: 15
Spent some time researching this, and it looks like what I'm needing isn't stateful routing, but rather policy routing. Plus, I need to recompile my kernel w/ advanced router and policy_routing enabled, and install the iproute2 software. This might allow me to do what I need.

Hopefully, IF this all works, it plays nicely w/ FreeS/WAN

Any input is appreciated
 
Old 03-05-2002, 04:50 PM   #3
Jon-
Member
 
Registered: Dec 2001
Distribution: RH5.2/6.2/7.0/7.1/7.2/9/ES21/ES31
Posts: 91

Original Poster
Rep: Reputation: 15
For those who read this, I discovered that this solution does indeed work great. So far, the ipchains + new kernel + iproute2 + freeswan all seem to work fine together. And, it solves my original problem of needing to route based on source IP.

RH6.2 (misc updates)
kernel 2.2.19-6.2.12
Freeswan 1.95
iproute2 001007


Thanks,
Jon
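
The source-based policy routing described in this thread, sketched as an added example that is not part of the original posts. The interface name `eth1`, table number 200, the documentation-range addresses and the helper name `policy_route_cmds` are all assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Addresses are constructed values from
# the RFC 5737 documentation range; eth1 and table 200 are assumptions.

# Print the iproute2 commands that send traffic sourced from the second NIC's
# address out through that NIC's own gateway. The main table, and therefore
# the default route used by locally originated traffic, is left untouched.
# Args: device, local address, gateway, connected network (CIDR), table number
policy_route_cmds() {
    dev=$1 addr=$2 gw=$3 net=$4 table=$5

    # The output is meant to be run as root, so reject anything that is not
    # a plain interface name, dotted quad or prefix.
    case $dev in ''|*[!A-Za-z0-9_.:-]*) echo "bad device: $dev" >&2; return 1 ;; esac
    for v in "$addr" "$gw"; do
        case $v in ''|*[!0-9.]*) echo "bad address: $v" >&2; return 1 ;; esac
    done
    case $net in */*) ;; *) echo "network must be CIDR: $net" >&2; return 1 ;; esac
    case $net in *[!0-9./]*) echo "bad network: $net" >&2; return 1 ;; esac

    # Tables 253-255 are the kernel's default/main/local tables; 0 is unspec.
    case $table in ''|*[!0-9]*) echo "table must be numeric" >&2; return 1 ;; esac
    if [ "$table" -lt 1 ] || [ "$table" -gt 252 ]; then
        echo "table must be 1..252" >&2; return 1
    fi

    # 1. Hosts on the NIC's own network are reached directly.
    echo "ip route add $net dev $dev src $addr table $table"
    # 2. Everything else in this table goes to this NIC's gateway.
    echo "ip route add default via $gw dev $dev table $table"
    # 3. Packets whose source is this NIC's address consult the table.
    echo "ip rule add from $addr table $table"
}

# Dry run by default: print the commands. Set APPLY=1 (as root) to run them.
cmds=$(policy_route_cmds eth1 203.0.113.10 203.0.113.1 203.0.113.0/24 200) || exit 1
if [ "${APPLY:-0}" = 1 ]; then
    printf '%s\n' "$cmds" | sh -e
else
    printf '%s\n' "$cmds"
fi
```

After applying, `ip rule show` and `ip route show table 200` list what was installed.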
 
  

