On Mon, Jan 20, 2014 at 7:25 AM, <fr...@3dn.nl> wrote:

> On 20.01.2014 12:42, li...@rhsoft.net wrote:
>
>> On 20.01.2014 12:25, fr...@3dn.nl wrote:
>>
>>> I'm trying to have postfix use smtp_bind_address with the address set to
>>> multiple IP aliases (eg. eth1:0, eth1:1
>>> etc.). As the default gateway is on eth0 and IP packets get routed based
>>> on their destination, it still seems that
>>> despite the smtp_bind_address setting, packets get directed out of eth0.
>>>
>>> What's the proper solution to this?
>>>
>>
>> please *always* post your configuration and logfiles to
>> show your problem instead of an abstract description
>>
>> did you read http://www.postfix.org/postconf.5.html#smtp_bind_address?
>>
>> - you define *one* ip-address there
>> - you define an ip-address there and *not* an interface name
>> - eth1:0 is *not* an interface, the interface is eth1
>>
>> the intention of "smtp_bind_address" is on machines with more than one
>> ip-address to define the one used for outgoing connections to match
>> hostname/PTR/SPF
>>
>
> Yes I read that page and understand it. Sorry I wasn't more clear, I
> should have said 'eg. the IP-addresses configured on eth1:0, eth1:1'. I know
> an IP address is not an interface.
>
> I can't simply attach the literal config file, my employer might not
> appreciate me disclosing such information, but let me show you what I've
> done.
>
> - First: in main.cf I added 'sender_dependent_default_transport_maps =
>   hash:/etc/postfix/sender_transport'
> - Second: I created /etc/postfix/sender_transport with lines looking like:
>   '@3dn.nl smtp3dn:'
> - Third: I ran postmap on the sender_transport file
> - Fourth: I added a line 'smtp3dn unix n - n - -
>   smtpd -v -o smtp_bind_address=172.24.25.19' to master.cf
>
> 172.24.25.19 is configured to be on eth1:0.
>
> The default gateway goes out over eth0. Based on the destination
> IP-address of the remote MTA, the kernel decides that it's not in a local
> network so it sends it out over eth0 as that's where the default gateway is.
>
> eth0 and eth1 are in different VLANs, I must send SMTP out over eth1[:*]
> as the source addresses are NAT'ed on their way out and the NAT device is
> in eth1's VLAN but not eth0's.
>

Ok, so, I assume you have only one default gateway, through eth0. In that case, of course the kernel will use that interface. I also assume you are working on a relatively new Linux system.

In order to use more than one default gateway, you have to add rules to help the kernel decide when to use each of them. The idea is adding something like this (this is an excerpt from a test Debian system, /etc/network/interfaces):

    up ip route add 10.2.20.0/24 dev wlan0 table 200
    up ip route add 10.27.27.0/24 dev eth0 table 200
    up ip route add 10.27.20.0/24 dev eth2 table 200
    up ip route add 10.20.20.0/24 via 10.17.10.15 dev eth2 table 200
    up ip route add 10.27.21.0/24 via 10.17.10.15 dev eth2 table 200
    up ip route add 10.20.27.0/24 via 10.17.7.128 dev eth0 table 200
    up ip route add default via 10.27.28.7 dev tap0 table 200

These commands (remove the "up" if you need to run them directly in a terminal session) will create a new routing table, with number 200, like that one: (obtained by running

    default via 10.27.28.7 dev tap0
    10.21.20.0/24 dev wlan0 scope link
    10.20.20.0/24 via 10.17.10.15 dev eth2
    10.27.27.0/24 dev eth0 scope link
    10.27.20.0/24 dev eth2 scope link
    10.27.21.0/24 via 10.17.10.15 dev eth2
    10.20.27.0/24 via 10.17.7.128 dev eth0

Then, you need to tell the kernel what packets to route through that routing table; you just add a rule:

    up ip rule add from 10.20.27.51/32 table 200

Still from the same configuration file. This will tell the kernel that if a packet is coming from IP 10.20.27.51, use table 200 (instead of the default one) to find out where to send it.

Please, feel free to ask if you have any doubts.

Ildefonso.
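
The rule lookup described in the reply above, modelled as an added example that is not part of the original thread: it walks the rules in priority order and does a longest-prefix match in the selected table, showing why a bound source address alone still leaves via the main table's default route. Table 200 and the `from` rule are taken from the reply; the main table, the 192.0.2.1 gateway, the rule priorities and the function names are assumptions, and only `from` selectors and unicast routes are modelled.

```python
import ipaddress

# Routing tables: table id -> list of (prefix, device, gateway or None).
# Table 200 mirrors the `ip route add ... table 200` lines in the reply;
# the main table is constructed for this example (192.0.2.1 is a placeholder).
TABLES = {
    "main": [("0.0.0.0/0", "eth0", "192.0.2.1")],
    "200": [
        ("10.2.20.0/24", "wlan0", None),
        ("10.27.27.0/24", "eth0", None),
        ("10.27.20.0/24", "eth2", None),
        ("10.20.20.0/24", "eth2", "10.17.10.15"),
        ("10.27.21.0/24", "eth2", "10.17.10.15"),
        ("10.20.27.0/24", "eth0", "10.17.7.128"),
        ("0.0.0.0/0", "tap0", "10.27.28.7"),
    ],
}

# Rules as (priority, source selector, table). 32766 is the kernel's main rule;
# 32765 is assumed for a rule added ahead of it without an explicit priority.
MAIN_ONLY = [(32766, "0.0.0.0/0", "main")]
WITH_FROM_RULE = [(32765, "10.20.27.51/32", "200")] + MAIN_ONLY


def lookup_table(table, dst):
    """Longest-prefix match inside one table; None if nothing matches."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, dev, gw in TABLES[table]:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev, gw)
    return best


def route(rules, src, dst):
    """Walk rules in priority order; the first table with a match decides."""
    src = ipaddress.ip_address(src)
    for _prio, selector, table in sorted(rules):
        if src in ipaddress.ip_network(selector):
            hit = lookup_table(table, dst)
            if hit is not None:
                return {"table": table, "dev": hit[1], "via": hit[2]}
    return None  # no rule produced a route: destination unreachable
```

Calling `route(MAIN_ONLY, "10.20.27.51", "203.0.113.25")` and then the same call with `WITH_FROM_RULE` shows the egress device change from eth0 to tap0 for that one source address only (203.0.113.25 is a constructed destination).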