I have a CentOS 6 system - my tape backup server - that's connected to two different subnets ("100" and "158").
There is also a router (actually a firewall) that routes between subnets "100" and "158".
The server's default gateway is the router IP on subnet "158".
The server's primary management IP address is the address on subnet "158".

There are client systems on subnet "100", both management workstations and things to back up.

When I try to SSH to the management IP in 158, the default behaviour in Linux is to send the reply back out the 'closest' interface, which is the "100" interface.  This breaks things, because the router is actually a stateful firewall and I suddenly have asymmetric routing.

If I "ifconfig down" the "100" interface, suddenly everything works again... except now a large volume of traffic has to run through the firewall.

I'm trying to follow the various guidelines I've found for doing "ip rule" rules, but none of them seem to work.

Has anyone here accomplished this sort of thing before?


Adam Thompson
Senior Systems Administrator
voice: 204.789.9596 x24 | email: athompson@avant.ca | web: avant.ca
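
An added illustration, not part of the original post: a small Python model of the Linux routing lookup (rule list in priority order, then longest-prefix match in the selected table) showing why the SSH reply leaves via the "100" interface and how a source-based rule sends it back through the firewall. The addresses, interface names (eth0, eth1), table number 158 and rule priority are constructed assumptions; the corresponding `ip` commands appear only as comments.

```python
import ipaddress

# Constructed addressing (the post only names the subnets "100" and "158").
NET100 = ipaddress.ip_network("10.0.100.0/24")   # eth1, server is 10.0.100.5
NET158 = ipaddress.ip_network("10.0.158.0/24")   # eth0, server is 10.0.158.5
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
MGMT_IP = "10.0.158.5"                            # management address on "158"
FIREWALL = "10.0.158.1"                           # firewall's address on "158"

# Routing tables: (prefix, next hop or None if directly connected, device).
MAIN = [(NET100, None, "eth1"), (NET158, None, "eth0"), (DEFAULT, FIREWALL, "eth0")]
# ip route add 10.0.158.0/24 dev eth0 table 158
# ip route add default via 10.0.158.1 dev eth0 table 158
T158 = [(NET158, None, "eth0"), (DEFAULT, FIREWALL, "eth0")]
TABLES = {"main": MAIN, "158": T158}

# Rules: (priority, source selector or None for "from all", table).
DEFAULT_RULES = [(32766, None, "main")]
# ip rule add from 10.0.158.5 table 158 priority 1000
POLICY_RULES = [(1000, ipaddress.ip_network("10.0.158.5/32"), "158")] + DEFAULT_RULES

def lookup(rules, src, dst):
    """Return (device, next_hop): walk rules by priority, then pick the
    longest matching prefix inside the table the first matching rule names."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(rules, key=lambda r: r[0]):
        if selector is not None and src not in selector:
            continue                      # rule does not apply to this source
        matches = [r for r in TABLES[table] if dst in r[0]]
        if matches:
            _net, via, dev = max(matches, key=lambda r: r[0].prefixlen)
            return dev, via
    return None                           # no route found in any table

def reply_path(rules, client):
    """Path taken by the SSH reply from the management IP back to a client."""
    return lookup(rules, MGMT_IP, client)

if __name__ == "__main__":
    client = "10.0.100.20"                # constructed workstation on "100"
    print("main table only :", reply_path(DEFAULT_RULES, client))
    print("with source rule:", reply_path(POLICY_RULES, client))
    print("backup traffic  :", lookup(POLICY_RULES, "10.0.100.5", client))
```

In this model only traffic sourced from the management address is steered through the firewall; traffic sourced from the server's "100" address still uses the directly connected interface.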