I still do not understand something.
The thread started with:
I have a server with 2 public IPs on 2 devices.
I want that the request of incoming traffic don't use the default gateway.
Incoming traffic should be answered using the gateway of the incoming device.
Could I realize this with firewalld? Or directly iptables?
##END OF QUOTE

Which means he has 1 server with two gateway devices which each has its own broadcast space\network.
It's not clear to me if there are two gateways in the same broadcast\network or not.
If it's on the same network then he must have some routing rules and the issue is not about a specific src address but about a connection.

Now with both of these devices there he has an issue.
He sure needs to use basic routing skills to make it work using some metrics if he wants a static routing setup... but when it becomes almost asymmetric it is possible to have a "reverse-path" routing situation which is because the server has two default gateways and not one.
For this situation he cannot utilize the source address but only the source MAC address unless these 2 devices are some sort of reverse proxies which in this case do not require any routing settings at all and not even a default gateway or direct Internet access.

So from what I understood he will need to do some connection marking by the MAC address if these two devices are two routers which do NAT.

Eliezer

On 28/12/2015 09:22, Gordon Messmer wrote:
> No, but you don't have to. In the scenario presented, two links with
> two IP addresses in different broadcast domains, traffic that is sent in
> response to requests received on the second link/IP address will have
> the second IP address in the source address field. You can use that as
> the rule.
>
> Remember that Ethernet and IP are separate technologies. You can make
> routing policies entirely in the IP layer without mixing in Ethernet
> stuff like MAC addresses.
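
The two approaches discussed in this thread, as an added example that is not part of the original messages: the script prints (without applying) the source-address policy rules for two links in different broadcast domains, and the connection-mark-by-MAC rules for two NAT routers on one segment. Interface names, addresses, MAC addresses and table/mark numbers are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints the commands instead of applying them (applying needs root).
# Interface names, addresses, MACs and table/mark numbers are constructed.

# Source-address policy: replies carrying local IP $3 as source address
# use table $1, whose only default route is gateway $4 on device $2.
src_rules() {
    echo "ip route add default via $4 dev $2 table $1"
    echo "ip rule add from $3/32 table $1"
}

# Connection mark by MAC: two routers on the same segment are told apart by
# the MAC that delivered the first packet; the mark $1 is stored on the
# connection and selects table $1 for the replies.
mac_rules() {
    echo "iptables -t mangle -A PREROUTING -i $2 -m conntrack --ctstate NEW -m mac --mac-source $3 -j CONNMARK --set-mark $1"
    echo "ip route add default via $4 dev $2 table $1"
    echo "ip rule add fwmark $1 table $1"
}

# Copies the connection mark onto locally generated reply packets so the
# fwmark rules above can match them.
restore_rule() {
    echo "iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark"
}

plan() {
    echo "# case 1: two links, different broadcast domains"
    src_rules 101 eth0 192.0.2.10 192.0.2.1
    src_rules 102 eth1 198.51.100.10 198.51.100.1
    echo "# case 2: two NAT routers on one segment"
    mac_rules 201 eth0 02:00:00:00:00:01 203.0.113.1
    mac_rules 202 eth0 02:00:00:00:00:02 203.0.113.2
    restore_rule
}

plan
```

Review the printed commands against `ip rule show` and `ip route show table <id>` on the target host before applying any of them.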