[CentOS] Addressing outgoing connections to a specific interface
lowen at pari.edu
Sat Nov 6 20:44:49 UTC 2010
On Nov 6, 2010, at 4:05 PM, Dotan Cohen wrote:
> On Sat, Nov 6, 2010 at 20:51, Lamar Owen <lowen at pari.edu> wrote:
>> But at the end you would access 192.168.1.1 and it would get
>> translated to 192.168.0.1 at the eth0 point and wouldn't interfere
>> with the wlan0 version of the 192.168.0.1 address. I'm not exactly
>> 100% sure it can be done without an external NAT box, but a small
>> external router that can do NAT would make it much easier.
> That is not what I am trying to do, I will try to rephrase:
> I have a laptop connected to two network interfaces: eth0 and wlan0.
> Each interface connects to a different LAN. Both LANs have machines on
> the 192.168.0.1 address that I must access via port 80 in a web
> I don't need to access each one at the same time, but I do need to
> leave both interfaces up for other software running on this machine.
> CentOS 5.5, Dell Inspiron laptop.
Right, I understood that. If you did a NAT you would access the WLAN
one with its native 192.168.0.1, and the other one on eth0 with the
translated (also RFC 1918) address, whatever you might have set that
to. Now, I do realize that some routers will re-inject their IP
address into URLs, and that might break things; fixable using DNS, but
that's neither here nor there.
And your machine itself needs access to both routers at the same time,
whether you do or not, as you've described things, since one of those
routers is the default gateway for the machine.
> I suppose that I need either:
> 1) An address system such as eth0:192.168.0.1 and wlan0:192.168.0.1
> (syntax invented to illustrate idea, it doesn't really work!)
> 2) A way to do something like this as a user without affecting other
> $ export INTERFACE=eth0
> $ lynx 192.168.0.1
> $ export INTERFACE=wlan0
> $ lynx 192.168.0.1
2.5) The iptables -mowner --uid-owner rule might help you. (see http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#OWNERMATCH)
It has breakage as noted in the tutorial, however.
Packet routing isn't designed to switch between multiple devices with
the same address; the interface used isn't supposed to matter, in the
eyes of the routing table (and in normal IP practice). Addresses are
supposed to be unique, from the point of view of any given IP host, in
other words. This is the problem NAT was invented to solve. Some
routing protocols deal with this in ways, but, again, these protocols
assume that if the address is the same, it's going to the same host.
But you already knew all that.....and I know you already knew all that.
> 3) A pony.
Choice three, like much of the whole IP routing infrastructure, leaves
piles of poo lying around in too many places....
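
One way the owner-match idea from item 2.5 can be combined with policy routing, as an added example that is not part of the original message: web traffic from one dedicated account is marked and sent out eth0, while every other user keeps the main routing table. The account name `eth0web`, mark 1 and table 100 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: per-user interface selection with the iptables owner match.
# Assumptions (not from the thread): account "eth0web", mark 1, table 100.

IFACE=${IFACE:-eth0}           # interface the dedicated account must use
RUN_AS=${RUN_AS:-eth0web}      # hypothetical local account (name or numeric uid)
TARGET=${TARGET:-192.168.0.1}  # the duplicated address from the thread
MARK=${MARK:-1}
TABLE=${TABLE:-100}

# Print the commands for "add" or "del"; nothing is executed here.
owner_route_plan() {
    case "$1" in
        add) ipt=-A; verb=add; rpf=0 ;;
        del) ipt=-D; verb=del; rpf=1 ;;   # assumes rp_filter was 1 before
        *)   echo "usage: owner_route_plan add|del" >&2; return 2 ;;
    esac
    # 1. Mark only this account's port-80 traffic to the duplicated address.
    #    The owner match works only on locally generated packets (OUTPUT).
    echo "iptables -t mangle $ipt OUTPUT -d $TARGET -p tcp --dport 80" \
         "-m owner --uid-owner $RUN_AS -j MARK --set-mark $MARK"
    # 2. Marked packets consult a private table that knows only $IFACE.
    echo "ip rule $verb fwmark $MARK lookup $TABLE"
    echo "ip route $verb $TARGET/32 dev $IFACE table $TABLE"
    # 3. The source address was picked before the mark re-routed the packet,
    #    so rewrite it to $IFACE's own address on the way out.
    echo "iptables -t nat $ipt POSTROUTING -o $IFACE -m mark --mark $MARK -j MASQUERADE"
    # 4. Assumption: replies arriving on $IFACE would otherwise fail the strict
    #    reverse-path check when the main table prefers the other interface.
    echo "sysctl -w net.ipv4.conf.$IFACE.rp_filter=$rpf"
}

# Apply a plan line by line (needs root), stopping at the first failure.
owner_route_apply() {
    owner_route_plan "$1" | while read -r cmd; do
        echo "+ $cmd"
        $cmd || exit 1
    done
}

# Dry by default; set APPLY=add or APPLY=del to change the system.
if [ -n "${APPLY:-}" ]; then owner_route_apply "$APPLY"; fi
```

Print the plan with `owner_route_plan add` and review it before running the script as root with APPLY=add; after that, `sudo -u eth0web lynx 192.168.0.1` goes out eth0 while other users still reach the wlan0 device.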