We have an OpenSUSE server with a service running on it. We have two gateways on the network. One of these gateways is set as the default gateway for the server.
In this case the server can accept only connections which are coming through this gateway. But it can't serve connections coming from the other gateway (as far as I understand, it sends responses back to the default gateway but not the gateway these requests came from).
Can we set up the server to be able to serve connections from both gateways? (I have heard the words "source based routing" but I am not sure if it's the case.)
Best Answer
It is possible, and quite easy to set up. We will use iproute2 and iptables MARK and CONNMARK for this.
The idea is that we will mark packets coming in from the second gateway (not the default gateway the server is using), and on reply we will route these packets out the same interface.
Suppose the IP address of the second gateway is 2.2.2.2 and the interface on the server connected to the gateway is eth2.
First let's set up a routing table for the second gateway (we use table 20 for this):
And set a rule that says packets marked with 200 will get routed using table 20:
You can verify using:
Now using iptables we mark packets coming in from the second gateway (in interface eth2) with mark 200:
For more explanation on how these MARK and CONNMARK work, see here
If your 2 gateways are on the same network, and your server is using only one interface to connect to both of them, then definitely the iptables command number 3 above will not work. You can use another, based on MAC address like this:
Of course, AA:BB:CC:DD:EE:FF is the MAC address of the second gateway.
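
An added example, not the answerer's own commands: a dry-run script that prints the `ip` and `iptables` commands for the steps described above, using the answer's example values (2.2.2.2, eth2, table 20, mark 200). The CONNMARK rule layout, the variable names and the `APPLY` switch are assumptions of this example; setting `GW_MAC` selects the MAC-based match for the single-interface case.

```shell
#!/bin/sh
# Added example: prints (or, with APPLY=1 and root, runs) the commands that
# make replies leave through the gateway the connection arrived from.
GW=${GW:-2.2.2.2}      # second gateway (example address from the answer)
IFACE=${IFACE:-eth2}   # server interface facing that gateway
TABLE=${TABLE:-20}     # routing table number used in the answer
MARK=${MARK:-200}      # firewall mark used in the answer
GW_MAC=${GW_MAC:-}     # set only when both gateways share one interface

valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Match on the gateway's MAC if given, otherwise on the inbound interface.
ingress_match() {
    if [ -n "$GW_MAC" ]; then
        valid_mac "$GW_MAC" || { echo "bad MAC: $GW_MAC" >&2; return 1; }
        printf '%s' "-m mac --mac-source $GW_MAC"
    else
        printf '%s' "-i $IFACE"
    fi
}

# One command per line: route table, policy rule, connection marking
# (assumed layout: mark NEW inbound connections, restore the mark onto
# locally generated replies), then the two verification commands.
plan() {
    match=$(ingress_match) || return 1
    cat <<EOF
ip route add default via $GW dev $IFACE table $TABLE
ip rule add fwmark $MARK table $TABLE
iptables -t mangle -A PREROUTING $match -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
ip rule show
ip route show table $TABLE
EOF
}

# Dry run by default; APPLY=1 executes each line and stops on first failure.
run() {
    plan > /dev/null || return 1
    plan | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then $cmd || exit 1; else echo "+ $cmd"; fi
    done
}

run
```

With two interfaces, strict reverse-path filtering (`rp_filter=1`) can drop the inbound packets from the second gateway regardless of these rules, so check `sysctl net.ipv4.conf.all.rp_filter` and the per-interface value when connections still fail.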