Changing source address of packets

 
 
Drew Leske
10-02-2004, 12:41 AM
Greetings,

I am trying to set up a server to change the source address of
outgoing packets for a particular user to be a secondary address. I
am limited to eth0, but so far as I can tell this should not be a huge
problem.

I am using Red Hat Enterprise Linux 3.0, it's fully updated etc. RHEL
is unfortunately limited to iptables v1.2.8, which doesn't have the
ROUTE module that could override the core routing decision with a
different source address. I'm therefore trying to use iproute2 to do
this for me.

Background: I want to keep services separate from servers, because in
our organization services tend to move servers from time to time.
Generally, this is easy: a service (say finance.example.com) is
deployed on a server (machine1.example.com). People accessing the
service go to finance.example.com, which resolves to an IP address
provided by an IP alias on machine1.example.com. If we move finance
to machine2.example.com, the IP alias moves to machine2 as well,
without affecting the primary IP addresses on machine1 or machine2.

The problem here is that in this case the service goes out and talks
to other services. So, when the service connects to machine3, I want
it to come from finance.example.com, and not machine1.example.com.

Here's the basic procedure I have used to get this to work:

1. Set up the alias on the device:

# ip address add dev $DEV $ADDR/24 broadcast $BCAST label $DEV

2. The service is tied to a particular user, so I can use iptables to
mark any packets coming from that user:

# iptables -I OUTPUT 1 -t mangle -m owner --uid-owner $USER -j MARK --set-mark 0xf1

3. I set up a special routing table in which any packets routed
through it have their source address changed:

# ip route add to default table $TABLE src $ADDR dev $DEV

4. And finally I set up a rule to route marked packets to this table:

# ip rule add fwmark 0xf1 table $TABLE

This setup is the closest I have gotten. The packets get recognized
and marked, but unfortunately always seem to wind up coming from the
primary address.

Any thoughts?

Thanks,
Drew.
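
Steps 2 to 4 above as one script, written as an added example that is not part of the original post; it assumes the alias from step 1 is already configured. It adds one step the post does not have, a SNAT rule keyed on the same mark, on the assumption that the source address is chosen when the socket is first routed, before the mangle OUTPUT rule can mark the packet. The address, account name and table id are constructed placeholders, and the script only prints its commands while DRY_RUN is 1.

```shell
#!/bin/sh
# Added example. Values are constructed placeholders, not taken from the post.
DEV=eth0
ADDR=192.0.2.10   # secondary (service) address, documentation range
SVC_USER=finance  # hypothetical account; not $USER, which the shell already sets
MARK=0xf1         # mark value used in the post
TABLE=100         # hypothetical routing table id
DRY_RUN=1         # 1 = print commands only, 0 = also execute them (needs root)

# Print a command and execute it only when DRY_RUN=0.
run() {
    echo "$*"
    if [ "$DRY_RUN" = "0" ]; then "$@"; fi
}

# Accept only a dotted-quad IPv4 address, so nothing else reaches iptables.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

setup_source_rewrite() {
    valid_ipv4 "$ADDR" || { echo "invalid ADDR: $ADDR" >&2; return 1; }
    # Steps 2-4 of the post: mark the user's packets and route them via $TABLE.
    run iptables -t mangle -I OUTPUT 1 -m owner --uid-owner "$SVC_USER" -j MARK --set-mark "$MARK"
    run ip route add default dev "$DEV" src "$ADDR" table "$TABLE"
    run ip rule add fwmark "$MARK" table "$TABLE"
    # Added step (assumption): the source address is picked before mangle/OUTPUT
    # sets the mark, so rewrite it explicitly as the packet leaves the host.
    run iptables -t nat -A POSTROUTING -o "$DEV" -m mark --mark "$MARK" -j SNAT --to-source "$ADDR"
}

# Checks to run afterwards: rule present, SNAT counters rising, address on the wire.
verify_source_rewrite() {
    run ip rule show
    run iptables -t nat -L POSTROUTING -n -v
    run tcpdump -n -c 5 -i "$DEV" src host "$ADDR"
}

setup_source_rewrite && verify_source_rewrite
```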