SNAT& iptables in Centos

Question

i have a remote server where I have added a new FAILOVER IP in a new interface, ETH0:0. Everything works perfectly; IP is setup. I want the traffic that is coming from ETH0:0 to use the ETH0:0 as the IP source. For example, when I send emails from my SERVER it uses The ETH0 IP which is not what I want.

So, the traffic coming from ETH0 use its IP in Source IP of The Packet, and the traffic coming from ETH0:0 uses its IP and so on. Here is what I have tried:

iptables -t nat -A POSTROUTING -p tcp -o eth0:0 -j SNAT --to-source 51.XXX.XXX.XXX ;

Where the interface ETH0:0 Has the IP 51.XXX.XXX.XXX

score 0 · Answer 1 · answered Oct 31 '15 at 14:27

Almost every server has option to bind it to selected IP/interface. You have to set it to the IP on interface eth0:0.

For postfix check http://www.postfix.org/postconf.5.html option inet_interfaces.

In /etc/postfix/main.cf add/change line:

inet_interfaces = 51.XXX.XXX.XXX, 127.0.0.1

This will ensure proper IP for outgoing packets but server will be accessible only on IP 51.XXX.XXX.XXX and 127.0.0.1.

Similar configuration change can be done in your server software. Probable options names: bind, listen.

SNAT& iptables in Centos

1 Answers1