Rich Freeman on 16 Feb 2012 19:48:17 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] network choice from the application level

On Thu, Feb 16, 2012 at 10:39 PM, Douglas Muth <> wrote:
> On Thu, Feb 16, 2012 at 10:09 PM, Eric at <> wrote:
>> Is it possible for the applications (PHP) to select which of the two
>> OUTGOING IP addresses it uses to talk to the database server?
> I'm not aware of any way to do that in PHP, but iptables may be an option.
> Unfortunately, I'm not that advanced with iptables.  Your best bet may
> be to make the "offending" PHP application try connecting to an
> alternate IP address or maybe an alternate port on the target machine
> and then rewriting the source and target info with iptables.

I was thinking the same thing.

I'm not sure about PHP, but from some googling the C socket APIs do
allow this.  Normally for an outgoing connection you create a socket()
and use connect() to establish an outgoing connection.  However,
in-between you could use bind() to attach that socket to a local
IP/port.  You obviously need a route from both interfaces to the

I'm not a PHP expert, but I do see the PHP command socket_bind.  There
is a good chance that will let you do the same thing.  Now, that will
get you a TCP connection, but I have no idea if it is easy to use that
connection for any of the PHP libraries for database access.  I
imagine most of those libraries assume that they're going to create
the socket they use, and this is pretty low-level stuff.

iptables might be your best bet if you want to use the high-level
apis.  I don't know if the database connections are smart enough to
figure out that the IP the packets are arriving at is not the one they
were being sent to originally.

Obviously if the server can run on separate ports or IPs that would
make life much easier...

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --