route output traffic from specific NAT'ed VM via ip alias

Question

In a dedicated server with several containers behind NAT, I'm trying to route the output / outbound traffic from one of the containers through a specific virtual interface attached to the main physical interface. Both interfaces have public IPs assigned to them.

The chain would look as follows:

OpenVZ container (10.10.10.2) > Host system (eth0:0; IP:1.2.3.4) > internet

as opposed to the current

OpenVZ container (10.10.10.2) > Host system (eth0; IP:5.6.7.8) > internet

I believe this can be done with an iptables postrouting rule

Tried with 'route add -host 10.10.10.2 dev eth0:0' but then the inbound routing is lost. — manchine, May 16 '15 at 01:27

score 0 · Answer 1 · answered May 16 '15 at 02:40

0

As it turned out, a simple postrouting rule did the trick.

iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eth0 -j SNAT --to 1.2.3.4

I also had to delete a bunch of MASQUERADE postrouting rules that were just creating a big mess.

answered May 16 '15 at 02:40

manchine

51
1
7

route output traffic from specific NAT'ed VM via ip alias

1 Answers1