The Linux Page

Asymmetric Routing—reply via the correct Ethernet connection

I've been looking around every now and then to try to understand how I could create a server that replies on the correct Ethernet port.

The idea is simple, we have very powerful servers that can handle many requests, more requests that one Ethernet port can handle. In other words, we could have 2, 3, 4, probably even 10 Ethernet connections (it really depends on your application, of course: how much RAM you need, how much processing is necessary for each access, etc.)

The solution is to use the ip command line which allows us to add default gateways for each ethernet card based on the incoming message. So if the message came from Ethernet port 1, we can reply back to Ethernet port 1 by testing the IP address using a very simple trick: a priorities list of routes that are used depending on the IP address, very much the same as the ipfilter system works.

I found a very interesting article about the feat on Linux Journal:

Overcoming Asymmetric Routing on Multi-Homed Servers

There are a few instructions that they present:

#ip route add default via dev eth0 tab 1
#ip route add default via dev eth1 tab 2
#ip route show table 1
default via dev eth0
#ip route show table 2
default via dev eth1
#ip rule add from tab 1 priority 500
#ip rule add from tab 2 priority 600
#ip rule show
0:      from all lookup local 
500:  from lookup 1
600:  from lookup 2 
32766:  from all lookup main 
32767:  from all lookup 253 
#ip route flush cache

These few instructions generate the necessary entries in the list of ip rules to force traffic from back eth0 and traffic from through eth1.

A few more possibly helpful links: