Services in a multihomed machine
Let's suppose a server using ip-aliasing, with two public IPs (on the
same subnet): ip1 and ip2. The server runs two services:
- MTA (postfix) on ip1
- WWW (apache) on ip2
(I mean, each service is bound to only one ip, not 0.0.0.0).
According to the routing table, default gateway is reached through
ip2. This means that when the server acts as a client machine it will
always use ip2.
Now let's suppose that somebody is using your MTA to send an email.
The server reads the email through ip1, and then will initiate a new
connection to a second MTA (for delivering purposes), according to the
MX record of the destination domain. Well, the problem is that this
new connection is originated from ip2 (the one used for client
purposes as well as WWW server).
I'd like all MTA-related tasks to always be launched from ip1. Do
you know any way of getting this to work?
I haven't tried it yet, but if I'm not wrong there is a way to
create iptables rules based on system processes. So I had thought of
creating such a rule to mangle packets with ip2 (wrong ip) when they
are generated from postfix. Do you think it is a good idea? Would it
cause an overload in CPU time?
Which other solutions do you know to solve the problem?
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]
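
The source-address behaviour described in the post, as an added example that is not part of the original message: a listening address says nothing about outbound connections, whose source is chosen by the kernel from the routing table unless the client socket is bound before `connect()`. The two loopback addresses standing in for ip1 and ip2 and the helper name `observed_source` are assumptions for illustration (Linux, where all of 127.0.0.0/8 is local).

```python
import socket
import threading

# Constructed stand-ins (assumptions): two loopback addresses play the
# roles of the post's addresses so the demo runs offline on Linux.
REMOTE_MX = "127.0.0.1"   # the "second MTA" receiving the delivery
IP1_MTA = "127.0.0.2"     # address the MTA is supposed to send from (ip1)

def observed_source(bind_to=None):
    """Connect to a throwaway listener and return the source IP it sees."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.settimeout(5)
    srv.bind((REMOTE_MX, 0))          # port 0: kernel picks a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    seen = {}

    def accept_one():
        try:
            conn, peer = srv.accept()
            seen["ip"] = peer[0]      # what the remote side logs as the client
            conn.close()
        except OSError:
            pass                      # timeout or listener closed early

    t = threading.Thread(target=accept_one, daemon=True)
    t.start()
    cli = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        if bind_to is not None:
            # Binding before connect() overrides routing-table source
            # selection; port 0 keeps the source port ephemeral.
            cli.bind((bind_to, 0))
        cli.connect((REMOTE_MX, port))
        t.join(timeout=5)
    finally:
        cli.close()
        srv.close()
    return seen.get("ip")

if __name__ == "__main__":
    print("kernel-chosen source:   ", observed_source())
    print("explicitly bound source:", observed_source(IP1_MTA))
```

Postfix exposes the same explicit bind for its outbound SMTP client through the `smtp_bind_address` parameter in `main.cf`, which avoids per-packet rewriting in iptables.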