IP traffic between two NICs on same box

08-05-2012, 12:26 PM

Pascal Hambourg wrote:
> Hello,
>
> Giro a écrit :
>> >
>> > Is there any way to let two local network interfaces communicate with
>> > each other without using the loopback device?
> Not easily.
> First, the kernel forces packets with a local destination address
> through the loopback interface. Second, the kernel discards packets
> received on a non-loopback interface with a local source address.
>
>> > On the same computer, I have interfaces eth1 (192.168.0.11) and eth2
>> > (192.168.0.12). I want to
>> > ping from eth1 to eth2, and make the packet physically hit the wire,
>> > instead of going through the loopback device.
> The above restrictions can be worked around with iptables NAT rules and
> static ARP entries, tricking the kernel into believing that it is
> communicating with a remote host. Sensitive people beware : what follows
> is ugly.
>
> Say that "remote" eth1 will be seen as 192.168.0.21 and "remote" eth2 as
> 192.168.0.22.
>
> # make sure packets to "remote" addresses are routed through the correct
> # interface
> ip route add 192.168.0.21 dev eth2
> ip route add 192.168.0.22 dev eth1
>
> # create static ARP entries for the remote addresses
> arp -s 192.168.0.21 $eth1_mac_address
> arp -s 192.168.0.22 $eth2_mac_address
>
> # replace the source address of outgoing packets with the "remote"
> # addresses
> iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 192.168.0.21
> iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to 192.168.0.22
>
> # replace the destination address of incoming packets with the real
> # local addresses
> iptables -t nat -A PREROUTING -i eth1 -j DNAT --to 192.168.0.11
> iptables -t nat -A PREROUTING -i eth2 -j DNAT --to 192.168.0.12
>
> With this a packet sent to 192.168.0.21 or 192.168.0.22 and its reply
> should go on the wire.

--
PGP Public Key:
ID: 0x3AEA3541
MD5: 608E 6B7B 7CA9 6F52 D3DF 6351 6E14 FF30 3AEA 3541

08-05-2012, 12:59 PM

ein a écrit :
> Pascal Hambourg wrote:
> > The above restrictions can be worked around with iptables NAT rules and
> > static ARP entries, tricking the kernel into believing that it is
> > communicating with a remote host. [...]

Thanks for digging this out. I vaguely remembered I posted it somewhere,
but was too lazy to search where and when.

08-05-2012, 01:32 PM

Pascal Hambourg wrote:
> ein a écrit :
>> Pascal Hambourg wrote:
>> > The above restrictions can be worked around with iptables NAT rules and
>> > static ARP entries, tricking the kernel into believing that it is
>> > communicating with a remote host. [...]
>
> Thanks for digging this out. I vaguely remembered I posted it somewhere,
> but was too lazy to search where and when.

Great post, I was copy it.

08-05-2012, 01:34 PM

ein wrote:
> Pascal Hambourg wrote:
>> ein a écrit :
>>> Pascal Hambourg wrote:
>>> > The above restrictions can be worked around with iptables NAT rules and
>>> > static ARP entries, tricking the kernel into believing that it is
>>> > communicating with a remote host. [...]
>>
>> Thanks for digging this out. I vaguely remembered I posted it somewhere,
>> but was too lazy to search where and when.
>
> Great post, I was copy it.

*I copied it.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Two NICS on same network and NIC selection for traffic	Alistair Keay	Windows Networking	6	01-14-2008 10:49 AM
Want to send traffic between two NICs	Asif	Linux Networking	3	06-07-2007 06:23 PM
routing traffic between two modems connected to the same PC.	tortoise underscore 74 at yahoo. nospam co.uk	Linux Networking	4	01-04-2007 09:02 PM
Spliting traffic between two NICs	martin	Linux Networking	2	09-20-2004 03:30 PM
two dsl connections, two routers, dual nics on linux box , want to run two websites	Laitkor	Linux Networking	1	06-19-2004 07:27 PM