How to select IP address for outgoing packets?

From: Graham Murray (gmurray_at_webwayone.co.uk)
Date: 04/28/05


Date: Thu, 28 Apr 2005 14:44:29 +0100

For reasons which are not important here, I have a linux system (SuSE
9.3, if that makes any difference) which acts as the NAT router for a
LAN. This has 2 NICs, one of which connects to an ADSL router which
presents a /29 (the interface of this router is also using an address
within the /29)[1], the other connects to the internal LAN. All but 1 of
the 'external' addresses are NAT'd to various systems/services on the
LAN, with one of the external addresses being 'reserved' for services
running on the Linux system itself. In order to do this I have had to
associate 5 of the /29 addresses with the 'external' NIC using the
iproute2 tools.

I have no problems with routing incoming packets to the correct
system, nor with setting the correct outgoing IP address (using
iptables 'nat' table) for connections originating from other systems
on the LAN.

However, I have been unable to force outgoing connections from the
Linux system to use the IP address which I want. For most things this
does not matter, but I have the requirement to set up a VPN, which
requires fixed endpoint addresses, from this system. I have tried
setting the source address in the 'ip route' command, but this has no
effect. I tried setting SNAT in the iptables 'nat' OUTPUT table, but
SNAT is not valid in that table.

[1] I know that this is not the best setup, but the ISP supplied the
ADSL router and we do not have access to change its configuration.
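The route's `src` hint only applies when the connecting program has not chosen an address itself; a program that calls bind() before connect() pins the source address regardless of the routing table, and bind() refuses any address that is not configured on a local interface. The following is an added example, not from the original post, that shows both behaviours using a connected UDP socket (no packets are sent) on loopback; the destination port and the documentation address 192.0.2.1 are constructed values for the demo.

```python
import errno
import socket


def source_address_for(dst_ip, dst_port, src_ip=None):
    """Return the local IP the kernel will use to reach dst_ip.

    A UDP socket is "connected" (nothing is transmitted) so that
    getsockname() reports the chosen source address. If src_ip is
    given, bind() pins it before connect(); otherwise the kernel
    selects one from the routing table (the route's 'src' hint).
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        if src_ip is not None:
            s.bind((src_ip, 0))
        s.connect((dst_ip, dst_port))
        return s.getsockname()[0]
    finally:
        s.close()


def can_bind(src_ip):
    """True if src_ip is assigned to some local interface.

    bind() fails with EADDRNOTAVAIL for an address the host does not
    own, which is why the /29 addresses must first be added to the
    external NIC before anything on the box can source from them.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        s.bind((src_ip, 0))
        return True
    except OSError as e:
        if e.errno == errno.EADDRNOTAVAIL:
            return False
        raise
    finally:
        s.close()


if __name__ == "__main__":
    # Constructed demo on loopback; 192.0.2.1 is an RFC 5737
    # documentation address that no real host should have configured.
    print(source_address_for("127.0.0.1", 9))
    print(source_address_for("127.0.0.1", 9, src_ip="127.0.0.1"))
    print(can_bind("192.0.2.1"))
```

On a multi-homed host, calling source_address_for() with the VPN peer's address and no src_ip shows which of the five external addresses the kernel would currently pick, and passing src_ip shows what an explicit bind option in the VPN daemon would give.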


