|
This would be easier accomplished using iproute2.
ip rule add from x.x.x.1 nat y.y.y.1
ip route add nat y.y.y.1 via x.x.x.1
ip rule add from x.x.x.2 nat y.y.y.2
ip route add nat y.y.y.2 via x.x.x.2
Where x.x.x.* are the internal IP's, and y.y.y.* are the externals.
If you want to do it based on some more complex rules in your ipchains, you
can use fwmarks, but that is a little more complex in the ip rule/route
commands as well.
> -----Original Message-----
> From: tc lewis [mailto:tcl@xxxxxxxxx]
> Sent: Monday, November 13, 2000 5:31 AM
> To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Subject: ipchains -i [off topic].
>
>
>
> so utilizing ipchains' -i flag with a forward chain, i can specify which
> device to send out from. like eth1 or eth2. is there any way i can make
> that even more narrow, and specify an ip alias somehow? ie: eth0:0 or
> eth0:1? that syntax doesn't seem to fly.
>
> what i'm looking to do is have 1 machine do masq for 2 machines behind it,
> but have the source address on outgoing packets be different for each of
> those 2 backend machines. apparently this is easy with 2 separate
> physical interfaces, but the ips for outgoing connections are both ip
> aliases, so i was wondering if that was possible. perhaps with more
> policy routing, maybe via fwmark stamps? or is there an easier way?
>
> -tcl.
>
>
>
|
