On Thu, Nov 11, 2010 at 00:08, Lamar Owen <lo...@pari.edu> wrote:
> Well, this runs afoul of one of the annoyances with IP.  That is, IP 
> addresses don't belong to the host; they belong to the interface.  Even on a 
> Cisco router, to assign the router itself an interface requires a loopback 
> interface be created.
>
> I understand what you want to do; I'm just saying that, unless you can assign 
> a user's applications to a VRF (using Cisco terminology; typically done by 
> binding the application to a source address in that VRF) and then use 
> multiple VRFs in the kernel, the kernel assumes that both references to 
> 192.168.0.1 refer to the same device (from the point of view of the kernel, 
> unless you have set up multiple routing tables, there is only one layer 3 
> network here), and it will choose the interface according to other criteria 
> in the routing tables.
>
> I remember seeing your ifconfig output... yes, you had:
> wlan0: 192.168.0.26/255.255.255.0
> eth0: 192.168.0.101/255.255.255.0
>
> However, you didn't provide routing table output....at least, I don't 
> remember seeing netstat -r or ip route output.  So I'm assuming that you 
> haven't set up multiple routing tables.
>
> This means, from the kernel's point of view, that wlan0 and eth0 are not only 
> in the same layer 3 network, but also on the same subnet/layer 2 segment 
> (thanks to the /24 netmask; the kernel is going to send the packets out one 
> of the interfaces based on the kernel's rules for local subnets). No two 
> hosts can have the same IP address on the same layer 2 segment; as far as the 
> kernel is concerned, eth0 and wlan0 are on the same layer 2 segment.  ( 
> http://linux-ip.net/html/basic-reading.html#basic-local-network )
>
> Now, if you want to do it with routing tables, you can.  The difficult part 
> is getting the web browser to select the right source IP address (according 
> to which interface you want to use), and then you have to write the routing 
> rules based on source address.  It's easier with in-kernel NAT (allowing 
> traffic on the default source IP address to access the desired device solely 
> based on the destination's IP address; and, again, I'm talking entirely from 
> the point of view of the kernel on host C here), but it is doable with policy 
> routing and multiple tables.
>
> A relevant guide is found at: http://linux-ip.net/html/index.html
>
> It has lots of details.
>
> Two things have to happen:
> 1.) You have to set the source IP address to bind per application or per user 
> or based on ENV variable;
> 2.) You have to have two routing tables, with routing based on the bound 
> source address being on one interface or the other (since the destination 
> address is not unique, and since the destination address is the primary route 
> selector, you have to configure a secondary route selector; source IP address 
> is supported through policy routing)
>
> Again, all talk of routing here is from the kernel's point of view on host C 
> (in your diagram).  But, even then this may or may not work, since both 
> networks are locally attached; you might just have to experiment with it.  I 
> did some googling on the subject, but nothing I was able to find in a 
> reasonably short time fit your exact circumstances.
>
> I'll have to admit to some curiosity in how to do this myself; I might lab it 
> up one day and see, when I have more time to spend on it.


Thank you Lamar, I have spent some time googling and learning the
concepts that you mention. I'm not much closer to a solution to this
issue, but I have a much better understanding of IP networks. The
routing tables and netmask concepts were big holes in my knowledge,
and I'm the better for having invested in this query now that I've
cleared some things up.

Thanks.


-- 
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
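
The two steps Lamar lists (bind a source address, then route on it through a second table) can be sketched as follows. This is an added example, not something either poster wrote or tested: the interface addresses come from the ifconfig output quoted above, while the table numbers 101 and 102 and the function names are arbitrary assumptions. It prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Added illustration of source-based policy routing on host C.
# Addresses are the ones quoted in the thread; table numbers 101/102
# and all function names are assumptions made for this sketch.

# Emit the two commands that give one interface its own routing table.
policy_route_cmds() {
    iface=$1; src=$2; table=$3; net=$4
    # The table holds only the on-link route out of this interface.
    echo "ip route replace $net dev $iface scope link src $src table $table"
    # Secondary selector: traffic already bound to $src consults that table
    # before the main table, whose single /24 route would otherwise win.
    echo "ip rule add from $src/32 lookup $table"
}

# Everything needed for the wlan0/eth0 pair from the thread.
host_c_cmds() {
    policy_route_cmds wlan0 192.168.0.26  101 192.168.0.0/24
    policy_route_cmds eth0  192.168.0.101 102 192.168.0.0/24
}

# Dry run by default; APPLY=1 (as root) executes each command.
apply_cmds() {
    host_c_cmds | while read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then
            $cmd
        else
            echo "would run: $cmd"
        fi
    done
}

apply_cmds

# Step 1 (choosing the source address) is done per application, e.g.:
#   curl --interface 192.168.0.26  http://192.168.0.1/   # leaves via wlan0
#   curl --interface 192.168.0.101 http://192.168.0.1/   # leaves via eth0
# Inspect the result with: ip rule show; ip route show table 101
```

As Lamar cautions, both networks are locally attached, so ARP handling on the two interfaces may also need attention before this behaves as intended.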
