sending packets from alias address

Hi

I wonder if anyone knows the answer to this little question. I
currently have two redhat ES3 servers running the cluster suite ha
package. I've been asked by my business to get all outbound ip packets
from the cluster(package) to appear from the alias ( cluster ip
asddress )? This is due to a requirement by internat NAT restrictions
for our application.
Anyone know of an easy solution?

Regards

Peter


peter.glover@dsl.pipex.com

(E-Mail Removed) wrote:

> Hi
>
> I wonder if anyone knows the answer to this little question. I
> currently have two redhat ES3 servers running the cluster suite ha
> package. I've been asked by my business to get all outbound ip packets
> from the cluster(package) to appear from the alias ( cluster ip
> asddress )? This is due to a requirement by internat NAT restrictions
> for our application.
> Anyone know of an easy solution?

I don't know I understand your setup correctly, but If I do you could do
something like that:

You should first mark any relevant traffic using iptables owner/MARK
capabilities, then route the traffic according to that mark.

Something like:

iptables -t mangle -A OUTPUT -m owner --pid-number PID_of_your_APPS -j MARK
--set-mark 0x1

Then route the traffic accordingly:

ip route add table your_table default via $GATEWAY_IP dev $GATEWAY_DEV src
$CLUSTER_IP
ip rule add prio 10 fwmark 0x1 lookup your_table

Note: This will only work if the SRC IP has not been set by the application
itself. In such a case, you'll have to NAT the traffic before it goes out
the interface using iproute2 nat feature.

Hope that helps.
Vincent.

>
> Regards
>
> Peter

--
Kelkoo Security Manager / Networks & Systems Architect
JID: (E-Mail Removed) / Vincent.Jaussaud.AT.kelkoo.DOT.net
Kelkoo.com --- GNU/Linux Powered