Specifing ip address for outbound connections on a multi ip host
one of my servers (Debian 5.0.6) has two public ip-address on the same interface. This used to work well for months but suddenly it is using "the wrong" ip addresses for outgoing connections. This is a problem because the reverse lookup will not match and emails therefore get spam points.
eth0 Link encap:Ethernet Hardware Adresse 00:1b:21:14:8e:9c
inet Adresse:81.169.180.51 Bcast:81.169.180.51 Maske:255.255.255.255
inet6-Adresse: fe80::21b:21ff:fe14:8e9c/64 Gültigkeitsbereich:Verbindung
eth0:0 Link encap:Ethernet Hardware Adresse 00:1b:21:14:8e:9c
inet Adresse:85.214.157.120 Bcast:85.214.157.120 Maske:255.255.255.255
Kernel-IP-Routentabelle
Destination Router Genmask Flags Metric Ref Use Iface
81.169.180.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
0.0.0.0 81.169.180.1 0.0.0.0 UG 0 0 0 eth0
Currently it is using 85.214.157.120 for outbound connections. How do I get it to use 81.169.180.51?
Edit: The netmask of 255.255.255.255 is consistent with both documentation and DHCP response of the hosting company. Calling /etc/init.d/networking restart multiple times will eventually end up with the correct ip-address for outbount connections. But that is obviously not a stable solution. /Edit
Edit 2: To make sure that the host route is not related to my issue, I setup a local test network:
eth0 inet Adresse:192.168.0.2 Bcast:192.168.0.255 Maske:255.255.255.0
eth0:0 inet Adresse:192.168.0.3 Bcast:192.168.0.255 Maske:255.255.255.0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
If anyone has an idea how to make sure that source ip-address 192.168.0.2 is used on outbound tcp connections, I'd be thankful. /Edit 2
Update default:
ip route change default via 81.169.180.1 src 81.169.180.51
Check configuration:
ip route list
The answer by bindbn is good, but I found some complications.
1) You should check "ip route list" as bindbn says. Some other rule in the list may take precedence over the default route. You might need to delete that rule, or create a slightly different rule.
2) All changes done via the ip command only work until next reboot. This answer Permanently adding source policy routing rules explains how to make it persistent.
In summary, you can add the ip route command you need to run as an "up" or "post-up" line to /etc/network/interfaces. You could add a corresponding "down" line to remove the route.
Try changing
allow-hotplug eth0
to
auto eth0
That should force your physical interface to come up first. You may or may not need to change the allow-hotplug entry for eth0:0 as well.
Out of curiosity, why do your IP addresses have a netmask of 255.255.255.255 ? That's really not feasible, since it would mean the whole address is the network. No room for hosts. The fact that your broadcast address is the same as your host IP is also worrying, but likely due to the netmask issue. It rather looks like your netmask should be 255.255.255.0.
Was this done to give you two hosts on the same subnet? It might be preferable to simply make a change so that each interface is on a different subnet. 255.255.255.128 would put eth0 and your gateway (of 81.169.180.1) on the same subnet, with eth0:0 on a separate subnet. However, that would mean that eth0 could only communicate with 81.169.180.1-81.169.180.127. And eth0:0 going from 129-254. But that being said, I can't really see why your current setup works at all.
Now, will this cause the issues you're seeing above? I can't see a direct link, but it's possible.
It's certainly something I'd tweak. If that doesn't help, maybe you can explain why you have things setup this way.
Edit: Was this working fine on this host, or was it a different machine/OS? Any idea what might have changed? The reason I ask is because Linux really doesn't like to have two interfaces on the same subnet. It's driven me mad trying to get this working on my own network. It sounds quite possible that you got this working on the right IP, up until you rebooted/restarted network services. Then it came up using the wrong interface. Reference: http://anders.com/cms/258
You could also try ifdown
on eth0:0, then adding the route, then ifup
ing it back. That might guarantee the correct IP gets used.
Manually adding the dev eth0
might help, but it appears as though the route was done properly.
Further Edit: You might try using the newest IP management tools in Debian,
iproute 2
. (Secondary link) It looks like something along the lines of Bringin up the interface:
ip link set eth0 up
ip addr add 192.168.0.2/24 dev ethe0
ip addr add 192.168.0.3/24 dev eth0
Then setting up the routing table withip route add 10.0.0.0/16 via 192.168.0.2
--Christopher Karel