server reply from the same NIC where the traffic comes in



sharfuddin
23-Nov-2012, 17:13
How can I configure the server to reply/respond via the same NIC (and gateway) from where the traffic/request came to the server?

OS: SLES 11 SP2 x864

eth0 IP address: a.b.c.d
eth1 IP address: w.x.y.z
www.example.com resolves to IP address "a.b.c.d"
www.example.com.local resolves to IP address "w.x.y.z"
eth0 has a public and routable IP address (world accessible), while eth1 has a public IP address that is not accessible from outside the country.
Gateway IP address (used to communicate with the foreign customers): aa.bb.cc.dd, and this is also the default gateway
Gateway IP address (used to communicate with the local/nationwide customers): ww.xx.yy.zz; this gateway will be used only to communicate with countrywide customers

Our countrywide customers access the server via www.example.com.local, while our foreign customers will access the server using the www.example.com address.

I am responsible for configuring the Linux box so that the server will respond using the same NIC (and gateway) from where the traffic comes, i.e. if a request hits the server on eth0, the server must reply to that request using the same NIC, i.e. eth0 via gateway (aa.bb.cc.dd); likewise, if a request hits the server on eth1, then the server also responds using the same NIC, i.e. eth1 and gateway (ww.xx.yy.zz).

I went through the iproute2 manuals but was unable to find the syntax for this issue.

Please help me.

KBOYLE
23-Nov-2012, 18:13
sharfuddin wrote:

> How can I configure the server to reply/response via the same NIC from
> where the traffic/request came to the server

Here are a couple of TIDs that may help.

TID 7000318 Reply packets are sent over an unexpected interface
http://www.novell.com/support/kb/doc.php?id=7000318

TID 7007649 Applying SLES 11 SP 1 Causing Communication Issues
http://www.novell.com/support/kb/doc.php?id=7007649

Let us know how you make out.

--
Kevin Boyle - Knowledge Partner
If you find this post helpful and are using the web interface,
show your appreciation and click on the star below...

sharfuddin
26-Nov-2012, 07:28
Thanks for your support.

The TID (7000318) you shared is worth reading, but probably not applicable in my case, because this TID addresses the following issue:
"If multiple NICs in Linux are configured with addresses in the same subnet, by default
communication into that subnet will always be done by the first NIC in that subnet that
is started."

While in my case the server has two NICs and each has an address from a different IP subnet.
eth0 IP addr: a.b.c.d
server default GW: aa.bb.cc.dd
eth1 IP addr: w.x.y.z
I have to configure this Linux box so that it replies via the default GW, i.e. aa.bb.cc.dd, if a request hits eth0, and if the request hits eth1 then this server should reply via GW ww.xx.yy.zz.

KBOYLE
26-Nov-2012, 18:12
sharfuddin wrote:

> the tid(7000318) you share is worth reading, but probably not
> applicable in my case

Have you tried the suggested solution(s)? Yes, the TID does describe a
specific configuration which is not to say the issue doesn't occur with
other similar configurations.

If I understand the TID correctly, it uses a routing scheme, that does
not depend on the default route, to force replies back to the interface
on which they arrived. That is exactly what you want to happen.

If this doesn't work, we can explore alternative solutions.

--
Kevin Boyle - Knowledge Partner

sharfuddin
27-Nov-2012, 11:57
>> the tid(7000318) you share is worth reading, but probably not
>> applicable in my case
>>
>Have you tried the suggested solution(s)
>
No, but I will have the chance to do this within the next few hours.

So in my case the rules would be like:

Code:
--------------------

ip route add 0.0.0.0/0.0.0.0 dev eth0 src a.b.c.d table T1
ip route add default via aa.bb.cc.dd dev eth0 src a.b.c.d table T1
ip rule add from a.b.c.d table T1

ip route add 0.0.0.0/0.0.0.0 dev eth1 src w.x.y.z table T2
ip route add default via ww.xx.yy.zz dev eth1 src w.x.y.z table T2
ip rule add from w.x.y.z table T2

--------------------

KBOYLE
28-Nov-2012, 18:14
sharfuddin wrote:

>
> >> the tid(7000318) you share is worth reading, but probably not
> >> applicable in my case
> > >
> > Have you tried the suggested solution(s)
> >
> No, but I will have the chance to do this within next few hours.
>
> so in my case the rule would be like
>
> Code:
> --------------------
>
> ip route add 0.0.0.0/0.0.0.0 dev eth0 src a.b.c.d table T1
> ip route add default via aa.bb.cc.dd dev eth0 src a.b.c.d table T1
> ip rule add from a.b.c.d table T1
>
> ip route add 0.0.0.0/0.0.0.0 dev eth1 src w.x.y.z table T2
> ip route add default via ww.xx.yy.zz dev eth1 src w.x.y.z table T2
> ip rule add from w.x.y.z table T2
>
> --------------------

As I understand the TID, that would be the general idea. I'm not sure
that your subnet specification is valid. According to the TID, I would
expect to see 0.0.0.0./0 or perhaps 0/0.

All I can suggest is to try it and see. Please share your results.

--
Kevin Boyle - Knowledge Partner
If you find this post helpful and are using the web interface,
show your appreciation and click on the star below...
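
Added example, not part of any post above and not taken from the TID: a dry-run shell script that prints the per-interface table and source-rule commands for the scheme discussed in this thread, accepting the subnet only in prefix-length form. The addresses (RFC 5737 documentation ranges), the numeric table ids 101 and 102, and the function names are assumptions.

```shell
#!/bin/sh
# Dry run: prints the ip commands instead of executing them.

# valid_ipv4 ADDR -> 0 if ADDR is four dot-separated octets, each 0..255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "$o" -le 255 ] || return 1
    done
}

# valid_cidr PREFIX -> 0 if PREFIX is address/length with length 0..32.
# A dotted netmask after the slash (0.0.0.0/0.0.0.0) is rejected here.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    valid_ipv4 "$addr"
}

# policy_route_cmds IFACE ADDR SUBNET GATEWAY TABLE
# One private table per interface: the connected subnet, a default route via
# that interface's gateway, and a rule selecting the table by source address.
policy_route_cmds() {
    valid_ipv4 "$2" && valid_cidr "$3" && valid_ipv4 "$4" || {
        echo "invalid address or prefix for $1" >&2
        return 1
    }
    echo "ip route add $3 dev $1 src $2 table $5"
    echo "ip route add default via $4 dev $1 src $2 table $5"
    echo "ip rule add from $2 table $5"
}

# Constructed sample values; substitute the real addresses before use.
policy_route_cmds eth0 192.0.2.10 192.0.2.0/24 192.0.2.1 101
policy_route_cmds eth1 198.51.100.10 198.51.100.0/24 198.51.100.1 102
```

Review the printed commands, run them as root, then confirm the result with `ip rule show` and `ip route show table 101`.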