Re: [PLUG] network choice from the application level

Rich Freeman on 16 Feb 2012 19:48:17 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] network choice from the application level

From: Rich Freeman <r-plug@thefreemanclan.net>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] network choice from the application level
Date: Thu, 16 Feb 2012 22:48:11 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; bh=nqd5j/RlOR/RXAlz+QMyG74sNZX96NC/ulEcvuBJxnE=; b=o0GAg5BVsCfHP3MwdyqpgiJFAi1zta8nptZeiP4PRPTe8gh+49FukhIuJmvWqyjvO/ gtBFkAHvVCBa+w13dGOMsVQUF7UN6EZdZjIyC+hj2qrw5l27+OcEAK9cKnjj1VZgD0GY Cw76ZdJKUek7UhWSz1gVDTGDv12pVPxQpEDrY=
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: plug-bounces@lists.phillylinux.org

On Thu, Feb 16, 2012 at 10:39 PM, Douglas Muth <doug.muth@gmail.com> wrote:
> On Thu, Feb 16, 2012 at 10:09 PM, Eric at Lucii.org <eric@lucii.org> wrote:
>>
>> Is it possible for the applications (PHP) to select which of the two
>> OUTGOING IP addresses it uses to talk to the database server?
>>
>
> I'm not aware of any way to do that in PHP, but iptables may be an option.
>
> Unfortunately, I'm not that advanced with iptables.  Your best bet may
> be to make the "offending" PHP application try connecting to an
> alternate IP address or maybe an alternate port on the target machine
> and then rewriting the source and target info with iptables.

I was thinking the same thing.

I'm not sure about PHP, but from some googling the C socket APIs do
allow this.  Normally for an outgoing connection you create a socket()
and use connect() to establish an outgoing connection.  However,
in-between you could use bind() to attach that socket to a local
IP/port.  You obviously need a route from both interfaces to the
destination.

I'm not a PHP expert, but I do see the PHP command socket_bind.  There
is a good chance that will let you do the same thing.  Now, that will
get you a TCP connection, but I have no idea if it is easy to use that
connection for any of the PHP libraries for database access.  I
imagine most of those libraries assume that they're going to create
the socket they use, and this is pretty low-level stuff.

iptables might be your best bet if you want to use the high-level
apis.  I don't know if the database connections are smart enough to
figure out that the IP the packets are arriving at is not the one they
were being sent to originally.

Obviously if the server can run on separate ports or IPs that would
make life much easier...

Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] network choice from the application level
  - From: "Eric at Lucii.org" <eric@lucii.org>

References:
- [PLUG] network choice from the application level
  - From: "Eric at Lucii.org" <eric@lucii.org>
- Re: [PLUG] network choice from the application level
  - From: Douglas Muth <doug.muth@gmail.com>

Prev by Date: Re: [PLUG] network choice from the application level
Next by Date: Re: [PLUG] It came from... the HOLD SPACE
Previous by thread: Re: [PLUG] network choice from the application level
Next by thread: Re: [PLUG] network choice from the application level
Index(es):
- Date
- Thread