
I wonder if I have a VPS with 2 Network Interfaces (1.1.1.1 AND 2.2.2.2) and 1.1.1.1 set as primary ...

eth0 = 1.1.1.1
eth0:1 = 2.2.2.2

Now I want to route all traffic for domain.com (I don't know the domain if it's using Cloudflare) to pass thru the IP 2.2.2.2 eth0:1

ex1:

if I run wget domain.com it will pass thru 2.2.2.2 eth0:1
but run wget google.com it will pass thru 1.1.1.1 eth0

ex2:

if I go to "whatismyip.com" to pass thru eth0 so it will show that my IP is "1.1.1.1"
but if I go to "whatismyipaddress.com" it's pass-thru eth0:1 so it will show that my IP is "2.2.2.2"

Dave M
Ari

1 Answer

There are a few things to consider:

Linux routing does not handle domain names

There are plenty of configuration options for routing on Linux, but none which accept bare domain names. After all, we're talking about IP routing. So rules have to be defined for IP addresses, which will obviously "break" when a domain's DNS record(s) change.

Interface preference

In this case, there are 2 interfaces providing a route to the same subnet (0.0.0.0/0, aka the Internet). In order to tell the Kernel to prefer a specific interface, we need to apply Policy-Based Routing (PBR).

As the name implies, Policy-Based Routing works by defining a policy (aka "rule") to determine which interface to use. Without policies, the kernel will choose the first route matching a destination's network.

Routes, Rules, Tables

The kernel uses routes to determine how to handle packets. A route is a simple definition which includes the destination address and link (interface) to use.

Routes are grouped in tables; which table is used relies on the policies defined.

A policy (or rule) tells the kernel which table to examine to route packets. The policy's definition includes a packet's source, destination and routing table to be examined.

Display current routes and policies

To display the routes currently used by the system, execute ip route

This shows all entries in the main routing table. Other tables can be accessed by running ip route show table <tablename>.

To display currently used policies, execute ip rule

This lists all policies/rules used by the kernel. They are iterated from top to bottom, until one rule matches the packet being handled.

Example

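# Register routing table id 101 under the name out1 (run as root)
echo "101 out1" >> /etc/iproute2/rt_tables
# Policy: packets destined for 3.4.5.6 are looked up in table out1
ip rule add from all to 3.4.5.6 table out1
# Routes inside out1: default gateway, plus the directly attached network
ip route add default via 10.0.0.1 dev eth0 src 1.1.1.1 table out1
ip route add 10.0.0.0/8 dev eth0 src 1.1.1.1 table out1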

These commands will create a new routing table out1 and add 10.0.0.1 as the gateway to access the internet. Traffic going to 3.4.5.6 (which needs to be replaced with an actual, resolved IP address of the target domain) will be sent through the default gateway defined in the out1 table, using the specified device eth0 and IP 1.1.1.1.

I'd recommend reading some existing tutorials and guides to familiarize yourself with terminology. Search for iproute2 and linux advanced routing and traffic control.

And last, but not least: Test your changes before applying them on a live system. Mistakes do happen, I personally prefer to fry a VM instead of a remote server.

NoMad
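
The answer notes that rules must name resolved IP addresses and "break" when the DNS records change. As an added example (not part of the original answer), this script re-resolves the name and prints the ip rule changes needed to keep table out1 current. The state file path and function names are assumptions, and domain.com is the question's placeholder.

```bash
#!/usr/bin/env bash
# Added example: keep "ip rule ... to <IP> table out1" in step with a domain's
# A records. Assumes table out1 is already set up as in the answer above.
TABLE="out1"
DOMAIN="domain.com"                 # placeholder name from the question
STATE="/var/run/pbr-out1.ips"       # hypothetical state file: IPs installed last run

# Pass through only well-formed dotted-quad IPv4 addresses, sorted and unique.
# Resolver output is untrusted input and must not reach "ip" unvalidated.
valid_ipv4() {
    awk -F. 'NF == 4 && !/[^0-9.]/ {
        for (i = 1; i <= 4; i++) if ($i == "" || $i > 255) next
        print
    }' | sort -u
}

# Current A records of a name, taken from the system resolver.
resolve_ipv4() {
    getent ahostsv4 "$1" | awk '{ print $1 }' | valid_ipv4
}

# plan_rules OLD NEW: print the commands that turn rule set OLD into NEW.
# Both are newline-separated IP lists. An empty NEW prints nothing, so a
# failed lookup never removes rules that are still working.
plan_rules() {
    local old new ip
    old=$(printf '%s\n' "$1" | valid_ipv4)
    new=$(printf '%s\n' "$2" | valid_ipv4)
    [ -n "$new" ] || return 0
    for ip in $old; do
        printf '%s\n' "$new" | grep -qxF "$ip" ||
            echo "ip rule del from all to $ip table $TABLE"
    done
    for ip in $new; do
        printf '%s\n' "$old" | grep -qxF "$ip" ||
            echo "ip rule add from all to $ip table $TABLE"
    done
}

# Run as root with the argument "apply" (for example from cron).
if [ "${1:-}" = "apply" ]; then
    old=$(cat "$STATE" 2>/dev/null || true)
    new=$(resolve_ipv4 "$DOMAIN")
    plan_rules "$old" "$new" | while read -r cmd; do $cmd; done
    if [ -n "$new" ]; then printf '%s\n' "$new" > "$STATE"; fi
fi
```

Names served from a shared CDN address pool may resolve to different addresses on every lookup, and those addresses also serve other sites, so the rules will match more than the one domain.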