routing problem?

John Sutton john@scl.co.uk
Thu, 31 Oct 2002 18:58:03 +0000 

Many thanks for that!  It looks like exactly what I need ;-)

A google search revealed that the ip utility is part of the iproute
package and a search for iproute on rpmfind.net has turned up
iproute-2.4.7-6.src.rpm from Rawhide.  I'll get this built and see what
happens...

On Thu, 31 Oct 2002, Lorn Kay wrote:
> You can force the kernel to make the source address appear to be from a=
n IP=20
> alias address using the =93ip=94 utility and the undocumented =93src=94=
 option. For=20
> example:
>=20
> #ip route add default via 209.100.10.1 src 209.100.10.33 dev eth0
>=20
> In this example, 209.100.10.1 is the gateway, 209.100.10.33 is the IP a=
lias=20
> you want to use as a source address for outgoing pakets.
>=20
> Shouldn't be too hard to modify the (/etc/ha.d/resource.d/) IPaddr scri=
pt=20
> from Heartbeat to do this at startup/failover.
>=20
> --L
>=20
> >From: John Sutton <john@scl.co.uk>
> >To: linux-ha@muc.de
> >Subject: routing problem?
> >Date: Thu, 31 Oct 2002 17:28:13 +0000
> >
> >Hi there
> >
> >I'm not sure that this is a routing problem but maybe it can be solved=
 by
> >fiddling with the routing?  The problem is as follows:
> >
> >Currently our live system is a single machine (no redundancy, doesn't =
use
> >heartbeat, etc) but this weekend I am hoping to transfer everything ov=
er
> >onto our new primary-standby double motherboard system which is runnin=
g
> >heartbeat 0.4.9e.
> >
> >We depend for a couple of services (domain name regs with Opensrs, pay=
ment
> >gateway with Secpay) on external servers with which we have registered=
 our
> >IP address.  (This is a requirement of subscribing to the services, an=
d is
> >in the main a security consideration.)  In particular, it is the "main=
" IP
> >address i.e. the unaliased one attached to the external ether interfac=
e,
> >because this is the source address for packets which are generated by =
the
> >domain reg client code and payment settlement client code (respectivel=
y).
> >AFAIK, I can't control this except by changing the IP attached to the =
main
> >ether interface...
> >
> >Problem is, once I move over to the new hardware, the "main" IP addres=
s is
> >going to be one of 2 different IP's depending on which machine happens=
 to
> >be primary at any particular time.
> >
> >Does that make sense or am I misunderstanding something?
> >
> >No doubt (if the organisations involved will allow it) I can solve
> >this by registering _both_ main IP's on their servers but I'm wonderin=
g if
> >there is a cleaner solution.
> >
> >TIA
> >
> >***************************************************
> >John Sutton
> >SCL Internet
> >URL http://www.scl.co.uk/
> >Tel. +44 (0) 1239 711 888
> >***************************************************
>=20
>=20
> _________________________________________________________________
> Choose an Internet access plan right for you -- try MSN!=20
> http://resourcecenter.msn.com/access/plans/default.asp
--=20

***************************************************
John Sutton
SCL Internet
URL http://www.scl.co.uk/
Tel. +44 (0) 1239 711 888
***************************************************