On 2/10/21 2:15 AM, Marco Gaiarin wrote:
I can use SNAT to change source IP but... there's some more 'elegant' solution?
You /might/ need to use SNAT / MASQUERADE.
Surely, best solution would be to work as 'application level', eg instruct exim to use for some traffic only the scecific source interface but... seems not possible, or too complex to achive.
Typically, as in kernel default, the source IP is chosen based on the IP of the outgoing interface, which is chosen based on routing to the destination.
If you are overriding this routing decision and forcing traffic out a different route, then there is a decent chance that the kernel will pick the wrong source IP. In situations like this, I expect that you will need to SNAT / MASQUERADE.
Some applications have options to bind to a specific IP. Others might have options to specify what IP to use for different things, though I wouldn't hold my breath. -- In almost all cases, the decision of what source IP to use is left up to the kernel.
-- Grant. . . . unix || die
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
