Limit Networking on Multihomed hosts - Revision history

Glenn: -cat

2011-10-21T22:10:21Z

-cat

Glenn: + Category:Network related

2011-10-21T21:29:01Z

+ Category:Network related

Glenn: +cat

2011-10-21T19:20:57Z

+cat

AdrianReyer: Issues added

2010-01-13T23:42:49Z

Issues added

AdrianReyer: /* Situation */

2010-01-13T23:01:47Z

‎Situation

AdrianReyer: Created page with '== Situation == You have a multihomed host, e.g. DMZ and LAN or different DMZs and want a single VServer only to e able to send packets over a specific network. == Solution == I …'

2010-01-13T22:56:39Z

Created page with '== Situation == You have a multihomed host, e.g. DMZ and LAN or different DMZs and want a single VServer only to e able to send packets over a specific network. == Solution == I …'

New page

== Situation ==
You have a multihomed host, e.g. DMZ and LAN or different DMZs and want a single VServer only to e able to send packets over a specific network.
== Solution ==
I used alternate routing tables:

Once (tested on Debian):
<pre>
echo 100 vservera > /etc/iproute2/rt_tables
echo 101 vserverb > /etc/iproute2/rt_tables
</pre>

After rebooting (write an init script)
<pre>
ip route add IP-VServer-A/mask table vservera dev ethA
ip route add default table vservera via Gateway-A
ip route add IP-VServer-B/mask table vserverb dev ethB
ip route add default table vserverb via Gateway-B

ip rule add from net-VServer-A/mask table 100
ip rule add from net-VServer-B/mask table 101
</pre>

← Older revision		Revision as of 22:10, 21 October 2011
Line 25:		Line 25:
	Traffic between IPs on the same host won't go the routes outside the host, you need to set up iptables here.		Traffic between IPs on the same host won't go the routes outside the host, you need to set up iptables here.

−	~~[[Category:Documentation]]~~
	[[Category:Network related]]		[[Category:Network related]]

← Older revision		Revision as of 21:29, 21 October 2011
Line 26:		Line 26:

	[[Category:Documentation]]		[[Category:Documentation]]
		+	[[Category:Network related]]

← Older revision		Revision as of 19:20, 21 October 2011
Line 24:		Line 24:
	== Issues ==		== Issues ==
	Traffic between IPs on the same host won't go the routes outside the host, you need to set up iptables here.		Traffic between IPs on the same host won't go the routes outside the host, you need to set up iptables here.
		+
		+	[[Category:Documentation]]

← Older revision		Revision as of 23:42, 13 January 2010
Line 21:		Line 21:
	ip rule add from net-VServer-B/mask table 101		ip rule add from net-VServer-B/mask table 101
	</pre>		</pre>
		+
		+	== Issues ==
		+	Traffic between IPs on the same host won't go the routes outside the host, you need to set up iptables here.

@@ Line 1: / Line 1: @@
 == Situation ==
-You have a multihomed host, e.g. DMZ and LAN or different DMZs and want a single VServer only to e able to send packets over a specific network.
+You have a multihomed host, e.g. DMZ and LAN or different DMZs and want a single VServer only to be able to send packets over a specific network.
 == Solution ==
 I used alternate routing tables: