Friday, December 4, 2015

networking - routing multiple IPs on a single bond device - debian linux

I'm using a Linux server with nginx and additional IP addresses for various websites.
It has a main eth0 device with IPv4 (xx.xxx.210.245) and IPv6 (xxxx:xxxx:xxxx:xxxx:xxxx:ffff:6189:d2f5), and bond0 (xx.xxx.92.134), bond0:1 (xxx.xxx.22.68), bond0:2 (xx.xxx.39.43), bond0:3 (xxx.xxx.11.118) and so on, devices with additional IPs assigned to them. The IPs are from various locations, not from one subnet. My websites are available from the internet on these IPs and all of them have their own domain names.




The problem is that if I check the outgoing IPs with PHP and curl like this:



<?php
// $ch = curl_init('http://whatismyip.org/'); // ipv6
$ch = curl_init('http://ipinfo.io/ip'); // ipv4
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the body instead of printing it
$myIp = curl_exec($ch);
curl_close($ch);
echo $myIp;
?>



then I see my main server's IPv4 address in every IPv4 check (via ipinfo.io/ip) and my main server's IPv6 address in every IPv6 check (via whatismyip.org). This happens with every domain on the additional IPv4 addresses that I have.



How do I configure such a network with multiple IPs so that outgoing connections can go out through each of these IPs?
So that if I run the mentioned curl PHP check on bond0:2 (xx.xxx.39.43) or bond0:3 (xxx.xxx.11.118), I get their IPs in both the IPv4 check (via ipinfo.io/ip) and the IPv6 check (via whatismyip.org)?



Additional information:



route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         xx.xxx.210.254  0.0.0.0         UG    0      0        0 eth0
xxx.xxx.11.118  0.0.0.0         255.255.255.0   U     0      0        0 bond0
xx.xxx.210.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0



ip rule list

0:      from all lookup local
32764:  from all to xxx.xxx.11.118 lookup outgoing
32765:  from xxx.xxx.11.118 lookup outgoing
32766:  from all lookup main
32767:  from all lookup default


I've added 2 rules for bond0:3 (xxx.xxx.11.118), which is in the outgoing table, with these commands:



ip rule add from xxx.xxx.11.118/32 table outgoing
ip rule add to xxx.xxx.11.118/32 table outgoing



And I also made this:



ip route add xxx.xxx.11.0/24 dev bond0:3 src xxx.xxx.11.118 table outgoing


But it doesn't help to make outgoing connections go via xxx.xxx.11.118 and NOT the main server IP.



It's a pity that there are no similar questions/answers to my topic, so I can't find a way to get it to work.
Thanks for any help!




EDIT:



I've found that this is a specific problem of my server's data center: support told me that it may only be possible to fix this if we bind MAC addresses for each additional IP, but after that connection breaks and a reboot in recovery are possible.
I think it's not a safe way, so I decided not to use it and to find something more stable and reliable.
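
A small model of the kernel's policy-routing walk over the rules and routes listed above, as an added example that is not part of the original post: it reports which table, device and source address an outgoing connection gets when the socket is unbound and when it is bound to the extra IP. The addresses are constructed stand-ins from documentation ranges for the masked ones on the page, and the default route added to `outgoing` in the last case uses a hypothetical gateway.

```python
import ipaddress

# Constructed stand-ins (RFC 5737 ranges) for the masked addresses on the page.
MAIN_IP, EXTRA_IP = "192.0.2.245", "198.51.100.118"

# Rules in priority order, mirroring the `ip rule list` output: (from, to, table).
RULES = [
    (None, EXTRA_IP + "/32", "outgoing"),  # 32764: from all to EXTRA_IP
    (EXTRA_IP + "/32", None, "outgoing"),  # 32765: from EXTRA_IP
    (None, None, "main"),                  # 32766: from all
]

# Routes per table: (prefix, gateway, device, source the kernel would pick).
TABLES = {
    "outgoing": [("198.51.100.0/24", None, "bond0", EXTRA_IP)],
    "main": [
        ("0.0.0.0/0", "192.0.2.254", "eth0", MAIN_IP),
        ("198.51.100.0/24", None, "bond0", EXTRA_IP),
        ("192.0.2.0/24", None, "eth0", MAIN_IP),
    ],
}

def matches(addr, prefix):
    return prefix is None or ipaddress.ip_address(addr) in ipaddress.ip_network(prefix)

def lookup(dst, bound_src=None, tables=TABLES):
    """Walk the rules in order; return (table, device, source IP) or None."""
    for frm, to, table in RULES:
        # An unbound socket has no source address yet, so a "from X" rule cannot match it.
        if frm is not None and (bound_src is None or not matches(bound_src, frm)):
            continue
        if not matches(dst, to):
            continue
        hits = [r for r in tables[table] if matches(dst, r[0])]
        if hits:  # longest prefix wins; an empty result falls through to the next rule
            _, _, dev, src = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
            return table, dev, bound_src or src
    return None

def with_default_in_outgoing(gateway="198.51.100.1"):  # hypothetical gateway
    """Copy of TABLES whose `outgoing` table also has a default route via bond0."""
    fixed = dict(TABLES)
    fixed["outgoing"] = TABLES["outgoing"] + [("0.0.0.0/0", gateway, "bond0", EXTRA_IP)]
    return fixed

if __name__ == "__main__":
    remote = "203.0.113.10"  # constructed remote host
    print(lookup(remote))                                      # plain curl, unbound socket
    print(lookup(remote, EXTRA_IP))                            # socket bound to the extra IP
    print(lookup(remote, EXTRA_IP, with_default_in_outgoing()))
```

In the second case the `from` rule matches but the `outgoing` table holds no route for the destination, so the lookup falls through to `main` and the packet leaves through eth0 with the extra IP as its source.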
