开发者

How to route TCP/IP responses through a different interface?

开发者 https://www.devze.com 2023-03-08 02:48 出处:网络
I have two machines each with two valid network interfaces, an Ethernet interface eth0 and a tun/tap interface gr0. The goal is to start a TCP connection on machine A using interface gr0 but then have

I have two machines each with two valid network interfaces, an Ethernet interface eth0 and a tun/tap interface gr0. The goal is to start a TCP connection on machine A using interface gr0 but then have the responses (ACKs, etc) from machine B come back over the Ethernet interface, eth0. So, machine A sends out a SYN on gr0 and machine B receives the SYN on its own gr0 but then sends its SYN/ACK back through eth0. The tun/tap device is a GNU Radio wireless link and we just want the responses to come through the Ethernet.

What's the easiest way to accomplish this? I need to research more on TCP/IP, but I was initially thinking that source-spoofing outgoing packets would tell the receiver to respond to the spoofed address (which should ge开发者_StackOverflow中文版t routed to eth0). This would involve routing the IPs from the tun/tap interfaces through gr0 and leave the other traffic to eth0.

We are using Linux and a Python solution would be preferable.

Thanks for looking!


You could add an additional address to the lo interface on each system and use these new addresses as the TCP connection endpoints. You can then use static routes to direct which path each machine takes to get to the other machine's lo address.

For example:

Machine A:
  ip addr add 1.1.1.1/32 dev lo
  ip route add 2.2.2.2/32 dev eth0 via <eth0 default gateway>

Machine B:
  ip addr add 2.2.2.2/32 dev lo
  ip route add 1.1.1.1/32 dev gr0

Then bind to 1.1.1.1 on machine A and connect to 2.2.2.2.


You may be interested in enabling logging of martian packets net.ipv4.conf.all.log_martians, and disable reverse path filtering net.ipv4.conf.<interface>.rp_filter on the affected interfaces.

This sysctl vars are accesible via the sysctl utility and/or the /proc filesystem.

0

精彩评论

暂无评论...
验证码 换一张
取 消