August 2009 Archives
Sat 29 Aug 2009 @ 22:43 (1251578635)
two local interfaces without loopback
Today I was working with Filippo on some performance analysis. At some point we
needed to send some traffic between two different interfaces on the same Linux
box, but we did not want the traffic routed through the local loopback.
The main problem here seems to be the lack of a direct and clean way to say in
Linux: "yes, this address is on this machine, but do not use the local loopback
for the traffic originating from the same host which needs to reach it".
Different flavours of this problem have been approached in many ways; there is
also a Send-To-Self patch for the kernel.
So this is my sol^W^Wan hack to achieve that using four IP addresses, NAT, and
a few simple changes to the routing table.
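# bring both interfaces up
ip l s tap1 up
ip l s tap2 up

# the real local addresses, one per interface
ip a a 10.10.1.2/32 dev tap1
ip a a 10.10.2.2/32 dev tap2

# route each "fake" peer address out of the opposite interface
ip r a 10.10.2.1/32 dev tap1
ip r a 10.10.1.1/32 dev tap2

# outgoing packets take the fake source address of the interface they leave from
iptables -t nat -A POSTROUTING -o tap1 -j SNAT --to-source 10.10.1.1
iptables -t nat -A POSTROUTING -o tap2 -j SNAT --to-source 10.10.2.1

# incoming packets are rewritten to the real address of the interface they arrive on
iptables -t nat -A PREROUTING -i tap1 -j DNAT --to-destination 10.10.1.2
iptables -t nat -A PREROUTING -i tap2 -j DNAT --to-destination 10.10.2.2

# static ARP entries: each fake address resolves to the hardware address of the opposite interface
arp -i tap2 -Ds 10.10.1.1 tap1
arp -i tap1 -Ds 10.10.2.1 tap2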
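
To see why four addresses are needed, here is an added example (not part of the original post) that models how the rules above rewrite a packet and its reply. It assumes tap1 and tap2 are linked back to back and reduces connection tracking to a lookup table; `send`, `PEER` and the other table names are made up for the illustration.

```python
# Constructed model of the address rewriting; the tables mirror the commands on this page.
LOCAL = {"10.10.1.2": "tap1", "10.10.2.2": "tap2"}   # ip a a: addresses the host owns
ROUTE = {"10.10.2.1": "tap1", "10.10.1.1": "tap2"}   # ip r a: fake peers, reached via a tap
SNAT = {"tap1": "10.10.1.1", "tap2": "10.10.2.1"}    # POSTROUTING --to-source
DNAT = {"tap1": "10.10.1.2", "tap2": "10.10.2.2"}    # PREROUTING --to-destination
PEER = {"tap1": "tap2", "tap2": "tap1"}              # assumption: taps are linked back to back


def send(src, dst, conntrack):
    """Follow one locally generated packet; return (egress_if, on_wire, delivered)."""
    if dst in LOCAL:
        # Destination is a local address: the kernel delivers via lo, no NAT rule fires.
        return "lo", (src, dst), (src, dst)
    out_if = ROUTE[dst]
    # POSTROUTING: a reply of a tracked flow gets its DNAT undone, a new flow is SNATed.
    if (src, dst) in conntrack:
        wire = conntrack[(src, dst)]
    else:
        wire = (SNAT[out_if], dst)
        conntrack[(dst, wire[0])] = (dst, src)        # restores the reply's destination
    in_if = PEER[out_if]
    # PREROUTING: a reply of a tracked flow gets its SNAT undone, a new flow is DNATed.
    if wire in conntrack:
        delivered = conntrack[wire]
    else:
        delivered = (wire[0], DNAT[in_if])
        conntrack[(delivered[1], wire[0])] = (wire[1], wire[0])  # restores the reply's source
    return out_if, wire, delivered


if __name__ == "__main__":
    ct = {}
    steps = [
        ("direct to the real address", "10.10.1.2", "10.10.2.2"),
        ("request to the fake address", "10.10.1.2", "10.10.2.1"),
        ("reply from the receiver", "10.10.2.2", "10.10.1.1"),
    ]
    for label, src, dst in steps:
        out_if, wire, delivered = send(src, dst, ct)
        print(f"{label}: leaves via {out_if}, on wire {wire}, delivered as {delivered}")
```

Neither endpoint ever sees a local address as its peer, which is what keeps the kernel from short-circuiting the flow through lo.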