Friday, March 28, 2014

loop back in same machine - physically send packet out




http://serverfault.com/questions/127636/force-local-ip-traffic-to-an-external-interface

eth2 10.50.0.1 eth3 10.50.1.1

ping 10.60.0.1
This goes via eth3.
route for 10.60.0.1 added in eth3
10.60.0.1 arp set in eth3
source            dst
============ =============
= 10.50.1.1 =                      = 10.60.0.1  =
============               =============
changed into
source*           dst
============       =============
= 10.60.1.1 =                   =  10.60.0.1  =
============              =============
received by eth2. 10.60.1.1 arp resolved by eth2.
 10.60.1.1 route in eth2.
source               dst
============ =============
= 10.60.1.1 =                     = 10.60.0.1  =
============               =============
changed into
source           dst*
============        =============
= 10.60.1.1 =                    = 10.50.0.1  =
============               =============

10.50.0.1 => eth2 address. so reply  back.


ifconfig p3p1 10.50.0.1/24
ifconfig p3p2 10.50.1.1/24

iptables -t nat -A POSTROUTING -s 10.50.0.1 -d 10.60.1.1 -j SNAT --to-source 10.60.0.1

iptables -t nat -A PREROUTING -d 10.60.0.1 -j DNAT --to-destination 10.50.0.1

iptables -t nat -A POSTROUTING -s 10.50.1.1 -d 10.60.0.1 -j SNAT --to-source 10.60.1.1

iptables -t nat -A PREROUTING -d 10.60.1.1 -j DNAT --to-destination 10.50.1.1

ip route add 10.60.1.1 dev p3p1
arp -i p3p1 -s 10.60.1.1 A0:36:5F:05:E8:2E  //p3p2's mac address

ip route add 10.60.0.1 dev p3p2
arp -i p3p2 -s 10.60.0.1 A0:36:4F:05:E8:2C //p3p1 mac address.


No comments:

Post a Comment