5 Replies Latest reply: Oct 6, 2010 8:58 PM by Rick Anderson
Rick Anderson Level 2 Level 2 (165 points)
Trying to get my head around a potential upcoming project and I'm getting into unfamiliar territory.

I'm wondering if you can use the route command to direct traffic to a specific Ethernet interface. I've been reading about it and have reviewed the man page but I'm not sure yet.

Specifically, I have a Mac with two Ethernet ports. One is currently connected to my company network. I'm planning to get a dedicated connection to another ISP plugged into the other Ethernet port. I want to direct all http traffic to a specific host (or ideally all http traffic) to this new dedicated connection. Not sure if I'm on the right track by looking at the route command.

Would something like this work?

*route add -host 11.22.33.44 en2*

Mac OS X (10.6.4)
  • BobHarris Level 6 Level 6 (15,405 points)
    Specifically, I have a Mac with two Ethernet ports. One is currently connected to my company network. I'm planning to get a dedicated connection to another ISP plugged into the other Ethernet port. I want to direct all http traffic to a specific host (or ideally all http traffic) to this new dedicated connection. Not sure if I'm on the right track by looking at the route command.

    Would something like this work?

    *route add -host 11.22.33.44 en2*

    You would do something like

    /sbin/route add -net xxx.yyy.0.0 -netmask 255.255.0.0 -interface en2

    Where xxx.yyy.0.0 is the your company's subnet (I just gave a Class B subnet example; adjust based on how many bits your company's IP address range has (xxx.yyy.zzz.0 255.255.255 for a class C subnet).

    Since your company's IP subnet is more likely to be grouped, it would be best to add special routing for that, and have the default route be for your ISP.
  • Rick Anderson Level 2 Level 2 (165 points)
    I see. That seems like a preferable way to go. So, in your scenario, I'm instructing all traffic on our subnet to go to one interface and then allowing everything else to go through the other by default. That makes sense.

    Out of curiosity, would the scenario I'd described previously have worked in a case where I want all traffic to one particular host to be directed to a specific interface? (Just curious if what I'd come up with was on the right track or not.)
  • MrHoffman Level 6 Level 6 (13,020 points)
    IP routing doesn't particularly look at the protocols involved; it's all wads of data with IP addresses, and the path to the next host in the route to the destination. For policy-based or protocol-based IP routing, that's a fairly expensive network switch, or something running at a higher layer in the network stack such as an Apache reverse proxy.

    Make sure this host and the routing is coordinated with the local networking folks (if that's not you), as opening up a new route can be of interest to them.
  • BobHarris Level 6 Level 6 (15,405 points)
    Out of curiosity, would the scenario I'd described previously have worked in a case where I want all traffic to one particular host to be directed to a specific interface? (Just curious if what I'd come up with was on the right track or not.)

    If you wanted all 11.22.33.44 traffic to go through a specific interface, then you could do that.

    I mainly made my suggestion because most companies have a small range or IP addresses which is easy to specify via the -net and -netmask options (even if the company has a dozen different subnets, it is still easier then trying to specify every network range on the internet EXCEPT your company's

    Which interface is used for he ISP vs the rest of the internet does not matter.
  • Rick Anderson Level 2 Level 2 (165 points)
    Thanks for the follow-ups, guys. I appreciate it.