[CentOS] Addressing outgoing connections to a specific interface

Lamar Owen lowen at pari.edu
Sat Nov 6 20:44:49 UTC 2010

On Nov 6, 2010, at 4:05 PM, Dotan Cohen wrote:

> On Sat, Nov 6, 2010 at 20:51, Lamar Owen <lowen at pari.edu> wrote:
>> But at the end you would access and it would get
>> translated to at the eth0 point and wouldn't interfere
>> with the wlan0 version of the address.  I'm not exactly
>> 100% sure it can be done without an external NAT box, but a small
>> external router that can do NAT would make it much easier.
> That is not what I am trying to do, I will try to rephrase:
> I have a laptop connected to two network interfaces: eth0 and wlan0.
> Each interface connects to a different LAN. Both LANs have machines on
> the address that I must access via port 80 in a web
> browser.
> I don't need to access each one at the same time, but I do need to
> leave both interfaces up for other software running on this machine.
> CentOS 5.5, Dell Inspiron laptop.

Right, I understood that.  If you did a NAT you would access the WLAN  
one with its native, and the other one on eth0 with the  
translated (also RFC 1918) address, whatever you might have set that  
to.  Now, I do realize that some routers will re-inject their IP  
address into URLs, and that might break things; fixable using DNS, but  
that's neither here nor there.

And your machine itself needs access to both routers at the same time,  
whether you do or not, as you've described things, since one of those  
routers is the default gateway for the machine.

> I suppose that I need either:
> 1) An address system such as eth0: and wlan0:
> (syntax invented to illustrate idea, it doesn't really work!)
> -or-
> 2) A way to do something like this as a user without affecting other  
> users:
> $ export INTERFACE=eth0
> $ lynx
> $ export INTERFACE=wlan0
> $ lynx

2.5) The iptables -mowner --uid-owner rule might help you. (see http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#OWNERMATCH 

It has breakage as noted in the tutorial, however.

Packet routing isn't designed to switch between multiple devices with  
the same address; the interface used isn't supposed to matter, in the  
eyes of the routing table (and in normal IP practice).  Addresses are  
supposed to be unique, from the point of view of any given IP host, in  
other words.  This is the problem NAT was invented to solve.  Some  
routing protocols deal with this in ways, but, again, these protocols  
assume that if the address is the same, it's going to the same host.   
But you already knew all that.....and I know you already knew all that.

> -or-
> 3) A pony.

Choice three, like much of the whole IP routing infrastructure, leaves  
piles of poo lying around in too many places....

More information about the CentOS mailing list