Bind incoming packets to 1 interface and outgoing packets to 2nd interface?

I have a Linux machine with 2 network interface cards. I need to use one for incoming packets and the other for outgoing packets.

Current Scenario


Solution 1:

If you accept using a single IP/prefix on your machine (let's name it X.X.X.X/Y, with gateway G.G.G.G), then it can trivially be done.

  • Add your address to eth0, but with a full prefix subnet.

    e.g. ip addr add X.X.X.X/32 dev eth0

  • Do not set an address on eth1. If there is one, clear it with ip -4 addr flush dev eth1

  • Add the subnet and gateway routes via eth1

    ip route add X.X.X.X/Y dev eth1
    ip route add default via G.G.G.G dev eth1

  • If on Ubuntu, or on other Linux distributions that enable Reverse Path Filtering by default, disable it, as they assume and enforce symmetric routing.

    sysctl -w net.ipv4.conf.eth0.rp_filter=0
    sysctl -w net.ipv4.conf.eth1.rp_filter=0

  • If both your network interfaces are connected to a switch, then you will need to not answer ARP on eth1. Since we added the IP address to eth0, we can just set arp_ignore on eth1 to 1 (only answer ARP for eth1 addresses) or 8 (don't answer anything).

    sysctl -w net.ipv4.conf.eth1.arp_ignore=8

Once this configuration is done, there will be only one kind of traffic that flows in the reverse order: if the kernel receives an ARP request for X.X.X.X from eth0, then it will reply using eth0.
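
Added example, not part of the original answer: a check of the sysctls the steps above change. For both rp_filter and arp_ignore the kernel applies the higher of the conf.all value and the per-interface value, so a per-interface 0 can still be overridden by conf.all. The SYSCTL_ROOT variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit rp_filter and arp_ignore for the eth0-in / eth1-out setup.
# SYSCTL_ROOT is a hypothetical override so the check can run against a test tree.
SYSCTL_ROOT="${SYSCTL_ROOT:-/proc/sys}"

# read_conf IFACE KEY: print the stored value, or 0 when the file is absent.
read_conf() {
    f="$SYSCTL_ROOT/net/ipv4/conf/$1/$2"
    if [ -r "$f" ]; then cat "$f"; else echo 0; fi
}

# effective IFACE KEY: print max(conf.all.KEY, conf.IFACE.KEY), the value the kernel applies.
effective() {
    a=$(read_conf all "$2")
    i=$(read_conf "$1" "$2")
    if [ "$a" -gt "$i" ]; then echo "$a"; else echo "$i"; fi
}

# check_split_setup IN_IF OUT_IF: print findings; return 0 when the setup should work.
check_split_setup() {
    in_if=$1; out_if=$2; rc=0
    for ifc in "$in_if" "$out_if"; do
        v=$(effective "$ifc" rp_filter)
        if [ "$v" -eq 1 ]; then
            # Strict mode drops packets whose return route uses another interface.
            echo "FAIL $ifc: effective rp_filter=1 (all=$(read_conf all rp_filter))"
            rc=1
        else
            echo "ok   $ifc: effective rp_filter=$v"
        fi
    done
    v=$(effective "$out_if" arp_ignore)
    case "$v" in
        1|8) echo "ok   $out_if: effective arp_ignore=$v" ;;
        *)   echo "FAIL $out_if: effective arp_ignore=$v, not 1 or 8 as the answer sets"
             rc=1 ;;
    esac
    return $rc
}

# Run only when invoked with two interface names, e.g.: sh check.sh eth0 eth1
if [ "$#" -eq 2 ]; then check_split_setup "$1" "$2"; fi
```

A FAIL on rp_filter with the per-interface value already at 0 means net.ipv4.conf.all.rp_filter is still 1 and has to be lowered as well.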