Specifing ip address for outbound connections on a multi ip host

linux ip routing

one of my servers (Debian 5.0.6) has two public ip-address on the same interface. This used to work well for months but suddenly it is using "the wrong" ip addresses for outgoing connections. This is a problem because the reverse lookup will not match and emails therefore get spam points.

eth0      Link encap:Ethernet  Hardware Adresse 00:1b:21:14:8e:9c  
          inet Adresse:81.169.180.51  Bcast:81.169.180.51  Maske:255.255.255.255
          inet6-Adresse: fe80::21b:21ff:fe14:8e9c/64 Gültigkeitsbereich:Verbindung

eth0:0    Link encap:Ethernet  Hardware Adresse 00:1b:21:14:8e:9c  
          inet Adresse:85.214.157.120  Bcast:85.214.157.120  Maske:255.255.255.255


Kernel-IP-Routentabelle
Destination     Router          Genmask         Flags Metric Ref    Use Iface
81.169.180.1    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
0.0.0.0         81.169.180.1    0.0.0.0         UG    0      0        0 eth0

Currently it is using 85.214.157.120 for outbound connections. How do I get it to use 81.169.180.51?

Edit: The netmask of 255.255.255.255 is consistent with both documentation and DHCP response of the hosting company. Calling /etc/init.d/networking restart multiple times will eventually end up with the correct ip-address for outbount connections. But that is obviously not a stable solution. /Edit

Edit 2: To make sure that the host route is not related to my issue, I setup a local test network:

eth0      inet Adresse:192.168.0.2  Bcast:192.168.0.255  Maske:255.255.255.0
eth0:0    inet Adresse:192.168.0.3  Bcast:192.168.0.255  Maske:255.255.255.0

192.168.0.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0        192.168.0.1     0.0.0.0         UG    0      0        0 eth0

If anyone has an idea how to make sure that source ip-address 192.168.0.2 is used on outbound tcp connections, I'd be thankful. /Edit 2


Update default:

ip route change default via 81.169.180.1 src 81.169.180.51

Check configuration:

ip route list

The answer by bindbn is good, but I found some complications.

1) You should check "ip route list" as bindbn says. Some other rule in the list may take precedence over the default route. You might need to delete that rule, or create a slightly different rule.

2) All changes done via the ip command only work until next reboot. This answer Permanently adding source policy routing rules explains how to make it persistent.

In summary, you can add the ip route command you need to run as an "up" or "post-up" line to /etc/network/interfaces. You could add a corresponding "down" line to remove the route.


Try changing 

 allow-hotplug eth0

to

 auto eth0

That should force your physical interface to come up first. You may or may not need to change the allow-hotplug entry for eth0:0 as well.


Out of curiosity, why do your IP addresses have a netmask of 255.255.255.255 ? That's really not feasible, since it would mean the whole address is the network. No room for hosts. The fact that your broadcast address is the same as your host IP is also worrying, but likely due to the netmask issue. It rather looks like your netmask should be 255.255.255.0.

Was this done to give you two hosts on the same subnet? It might be preferable to simply make a change so that each interface is on a different subnet. 255.255.255.128 would put eth0 and your gateway (of 81.169.180.1) on the same subnet, with eth0:0 on a separate subnet. However, that would mean that eth0 could only communicate with 81.169.180.1-81.169.180.127. And eth0:0 going from 129-254. But that being said, I can't really see why your current setup works at all.

Now, will this cause the issues you're seeing above? I can't see a direct link, but it's possible.
It's certainly something I'd tweak. If that doesn't help, maybe you can explain why you have things setup this way.

Edit: Was this working fine on this host, or was it a different machine/OS? Any idea what might have changed? The reason I ask is because Linux really doesn't like to have two interfaces on the same subnet. It's driven me mad trying to get this working on my own network. It sounds quite possible that you got this working on the right IP, up until you rebooted/restarted network services. Then it came up using the wrong interface. Reference: http://anders.com/cms/258

You could also try ifdown on eth0:0, then adding the route, then ifuping it back. That might guarantee the correct IP gets used.

Manually adding the dev eth0 might help, but it appears as though the route was done properly.

Further Edit: You might try using the newest IP management tools in Debian, iproute 2. (Secondary link) It looks like something along the lines of
Bringin up the interface: ip link set eth0 up

ip addr add 192.168.0.2/24 dev ethe0
ip addr add 192.168.0.3/24 dev eth0

Then setting up the routing table with
ip route add 10.0.0.0/16 via 192.168.0.2


--Christopher Karel

Related

Is there a way to get Cache Hit/Miss ratios for block devices in Linux?
nginx rewrite for an url with parameters
Redirect to SSL only if browser supports SNI
Determining which process is causing heavy disk I/O?
Using tc to delay packets to only a single IP address
how to connect to mongodb server via ssh tunnel
Iptables: "-p udp --state ESTABLISHED"
apt-get update getting 404 on debian lenny
Turning a log file into a sort of circular buffer
Is it possible to get OpenSSH to log the public key that was used in authentication?
What is the network address (x.x.x.0) used for? [duplicate]
Restrict access to IIS site to an AD Group