I have set up a secondary IP address in the same network as my primary. So eth0: 192.168.100.29 netmask 255.255.255.0 eth0:0 192.168.100.45 netmask 255.255.255.0 And indeed when I invoke an apache instance that listens on the secondary IP address/interface it works, and it also makes it outside the LAN since the default gateway is defined in the routing tables for 192.168.100.0/24. But I'd like to be able to send out some sort of broadcast on the network from that secondary interface so that the arp tables on various devices on the network get updated. How would I, say, use nmap to do something like that? Is there a generic way to force a particular program to use a secondary IP address instead of the default primary? Obviously, something like BIND or Apache httpd has that hardcoded in so that you can tell them to use secondaries via their configuration files. But how about those programs that don't? === Al
Dennis Gilmore
2007-Mar-05 20:19 UTC
[CentOS] Sending traffic through Secondary IP Address
On Monday 05 March 2007 02:09:21 pm Al Sparks wrote:> I have set up a secondary IP address in the same network as my primary. > > So > eth0: 192.168.100.29 netmask 255.255.255.0 > eth0:0 192.168.100.45 netmask 255.255.255.0 > > And indeed when I invoke an apache instance that listens on the secondary > IP address/interface it works, and it also makes it outside the LAN since > the default gateway is defined in the routing tables for 192.168.100.0/24. > > But I'd like to be able to send out some sort of broadcast on the network > from that secondary interface so that the arp tables on various devices on > the network get updated. > > How would I, say, use nmap to do something like that? Is there a generic > way to force a particular program to use a secondary IP address instead of > the default primary? > > Obviously, something like BIND or Apache httpd has that hardcoded in so > that you can tell them to use secondaries via their configuration files. > > But how about those programs that don't?ping -I 192.168.100.45 <destination> or ping -I eth0:0 <destination> -I tells ping what interface to send the packet out -- Dennis Gilmore, RHCE
mike.redan at bell.ca
2007-Mar-05 20:26 UTC
[CentOS] Sending traffic through Secondary IP Address
<snip>> How would I, say, use nmap to do something like that? Is > there a generic way to force a particular program to use a > secondary IP address instead of the default primary? ><snip>> > But how about those programs that don't? > === Al > >The only *generic* way that I know of, is to use IPTables to source-NAT your outbound connections. This will work OK if you have specific services in mind, you could just SNAT based on Destination port.can't remember off the top of my head if IPTables can mangle traffic based on the application...I seem to remember no, tho. This would not work so good for nmap example you gave unfortunteatly. Mike
>> How would I, say, use nmap to do something like that? Is >> there a generic way to force a particular program to use a >> secondary IP address instead of the default primary? >> > <snip> >> >> But how about those programs that don't? >> === Al >> >> > > The only *generic* way that I know of, is to use IPTables to > source-NAT your outbound connections. This will work OK if you > have specific services in mind, you could just SNAT based on > Destination port.can't remember off the top of my head if > IPTables can mangle traffic based on the application...I seem to > remember no, tho. > > This would not work so good for nmap example you gave > unfortunteatly.That's actually intriguing. I think I'll try it out sometime. In any case, the ping solution provided by Dennis will meet my needs in this particular case. Thanks to you both. === Al