将传出流量绑定到eth0而不是eth0：1 [英] Bind outgoing traffic to eth0 instead of eth0:1

问题描述

我们在linux（debian）机器上添加了第二个IP-Adress，以便为新的Apache vhost实现第二个SSL证书。

We added a second IP-Adress to a linux (debian) machine to implement a second SSL-certificate to a new Apache vhost.

我们的 ifconfig 现在看起来像这样：

Our ifconfig now looks like this:

eth0      Link encap:Ethernet  Hardware Adresse 00:0c:29:1b:ab:6c
          inet Adresse:999.999.999.39  Bcast:999.999.999.63  Maske:255.255.255.192
          inet6-Adresse: (...)/64 Gültigkeitsbereich:Verbindung
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metrik:1
          RX packets:219336884 errors:0 dropped:0 overruns:0 frame:0
          TX packets:223169420 errors:0 dropped:0 overruns:0 carrier:0
          Kollisionen:0 Sendewarteschlangenlänge:1000
          RX bytes:1971307659 (1.8 GiB)  TX bytes:713489565 (680.4 MiB)

eth0:1    Link encap:Ethernet  Hardware Adresse (...)
          inet Adresse:999.999.999.40  Bcast:999.999.999.63  Maske:255.255.255.192
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metrik:1

问题：所有传出流量（MySQL连接到外部数据库服务器，传出SMTP连接来自postfix）现在似乎通​​过eth0：1离开，因此第二个（新）IP 999.999.999.40。

Problem: All outgoing traffic (MySQL connections to external DB-server, outgoing SMTP connections from postfix) now seems to leave through eth0:1, hence the second (new) IP 999.999.999.40.

我们如何强制所有传出流量通过eth0，IP-adress离开999.999.999.39？

How can we force all outgoing traffic to leave through eth0, IP-adress 999.999.999.39?

输出路线：

[n1 ~ #] route
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
localnet        *               255.255.255.192 U     0      0        0 eth0
10.10.10.0      *               255.255.255.0   U     0      0        0 eth1
default         gateway4.XXX    0.0.0.0         UG    0      0        0 eth0
default         gateway4.XXX    0.0.0.0         UG    0      0        0 eth0

找到解决方案：

感谢你的提示， ip route 是要走的路，现在它可以作为希望。

Thanks for your hints, ip route was the way to go, now it works as desired.

ip rule add from 999.999.999.39 table t1
ip rule add from 999.999.999.40 table t2
ip route del default via 999.999.999.1
ip route add default 999.999.999.1 dev eth0 table t1
ip route flush cache

推荐答案

我想你必须使用 route 命令告诉系统如何路由包。
类似于：

I think you'll have to play with the route command to tell the system how to route the packets. Something like :

route add -net APACHE_VHOST_IP netmask 255.255.255.0 dev eth0:1

强制APACHE_VHOST_IP目的地的数据包使用eth0：1接口。

to force the packet in destination of APACHE_VHOST_IP to use the eth0:1 interface.

和

route add -net MYSQL_SERVER_IP netmask 255.255.255.0 dev eth0

强制MYSQL_SERVER_IP目的地的数据包使用eth0接口。

to force the packet in destination of MYSQL_SERVER_IP to use the eth0 interface.

这篇关于将传出流量绑定到eth0而不是eth0：1的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！