----- Original Message -----
From: wal <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 06, 2000 9:33 AM
Subject: [SLUG] networking interface questions
> I got a small problem of which I'm not sure how to go about it.
> Say we have 2 links to different providers coming in to a machine.
>
> The current situation is that mail comes in and gets sent
> through link1 (using sendmail)
>
> I would like for mail to come in through link1 and get delivered
> through link2 (that way, incoming traffic through link2 is minimized).
>
> (note that I seem to use the term link to mean interface - ethernet etc
> below)
>
> Can this be done with the default route pointing at link2?
With the default going to link2, any traffic this machine routes will go out
through link2 by default. Also, any connections initiated by this machine
will go out link2 unless specifically bound to link1. Of course, replies to
these requests will also come in through link2. This is probably not what
you desire.
> Wouldn't there be a problem with this since if mx record points through
> link1, then when trying to communicate with a client through link2
> the machine would source the packets to appear to come from link2 and hence
> the client would not recognise the packets.
Uh, no. Replies are *always* sent out the interface the original packet
arrived for. If a router later along the route decides to send it on a
different path, that's its decision - this is why NAT can be nasty in
multiple route/rule situations [we had similar problems with a transparent
proxy at work until recently].
> Is there a way to tell Linux to source outgoing packets with the address
> of the link that it came in from?
I think you mean: s/from/for/
This always happens with TCP anyway [if it didn't, things would break.
fast.]. With UDP, it's up to the program to decide how to behave. [Usually
they behave well and reply on the interface they were contacted on, since
clients would probably go "huh?!" if they didn't].
In fact... if this didn't work, our NAT rig at work wouldn't work at all.
> I believe the problem can be solved by having another sendmail machine
> but I don't want to do this unless there's no other way.
This would be the simplest solution.
Link1 -[MX]-> MailHandler -[smarthost]-> MailSender -[default route]-> link2
> Can ipchains help?
No.
> Or a NAT device?
No.
> Any help or suggestions on this matter?
You could possibly use Policy Routing to help. I'm not sure which tool you
use to set up policy routes - I've never had to do this myself to date.
+-================================================-+
| Crossfire | This message was brought to you |
| [EMAIL PROTECTED] | on 100% recycled electrons |
+-================================================-+
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug