Routing outbound web traffic

Posted: Sat Jul 29, 2017 8:26 am
by netsujit
Hi there,

I am unsure whether my question is Vesta-related or not; however, I thought I'd try my luck here.

Is there any way I can route all outbound traffic through a different network interface?

I've got two network interfaces, each with two static IPs:
eth0 (192.168.1.4) and eth0:1 (192.168.1.5)
eth1 (192.168.2.4) and eth1:1 (192.168.2.5)

I have added all the IPs in the Vesta admin panel and a web app is active with the static IP eth0. Is it possible to have all incoming traffic through eth0 and all outgoing traffic through eth1 or maybe eth0:1?

Alternatively, if there is a way to make the website/virtualhost listen on all IPs, then I can use the firewall to block incoming and outgoing on the respective IPs.

Using CentOS 7.

Any help will be appreciated. Apologies if this is not the right place to query this.

Re: Routing outbound web traffic

Posted: Sat Jul 29, 2017 4:12 pm
by gecube_ru
Yes, the first step is to set the default gw. If you set it to, for example, 192.168.2.1 (or whatever your gateway IP is), the server will respond to all traffic via it.
Also, the default gateway rewrites the route for the 0.0.0.0/0 subnet.

Another idea is to set the SRC address in the routing table or firewall rules.

netsujit wrote: I have added all the IPs in the Vesta admin panel and a web app is active with the static IP eth0. Is it possible to have all incoming traffic through eth0 and all outgoing traffic through eth1 or maybe eth0:1?

It is a very strange and maybe unstable configuration (let's imagine that after a reboot eth0 and eth1 are swapped). What task do you want to solve using such a configuration?

netsujit wrote: Alternatively, if there is a way to make the website/virtualhost listen on all IPs, then I can use the firewall to block incoming and outgoing on the respective IPs.

Yes, there is such a solution. You just need to set the correct Listen directive in your http server.

Re: Routing outbound web traffic

Posted: Sun Aug 06, 2017 7:31 am
by netsujit
gecube_ru wrote: Yes, the first step is to set the default gw. If you set it to, for example, 192.168.2.1 (or whatever your gateway IP is), the server will respond to all traffic via it.
Also, the default gateway rewrites the route for the 0.0.0.0/0 subnet.

Thanks @gecube_ru

I somehow managed to resolve the query.

So eth0 was the default gateway with the IP 192.168.1.4. I created a website example.com with my default settings (httpd as web server and nginx as reverse proxy). After installing Letsencrypt SSL on the site, I made the following changes.

/home/user/conf/web/httpd.conf and /home/user/conf/web/shttpd.conf
Changed the first line

<VirtualHost 192.168.1.4:8080>
to

<VirtualHost *:8080>

/home/user/conf/web/nginx.conf and /home/user/conf/web/snginx.conf
Changed the second line

listen      192.168.1.4:80;
to

listen      *:80;

Making the above changes made example.com accessible on both IP addresses, 192.168.1.4 and 192.168.1.5. Once this was done, I blocked all incoming traffic on the default IP 192.168.1.4. So that way, all outbound traffic uses the default 192.168.1.4; however, the site is accessible only from 192.168.1.5. Not straightforward, but it worked.

I have just one website on my server and hence I haven't made any changes to the default templates at /usr/local/vesta/data/templates/web/. Not sure if I need to.
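
The check below is an added example, not part of the thread or of Vesta: it reads the edited listen and VirtualHost lines and reports, per port, which local addresses the directive still matches once the firewall block is applied. The config strings are constructed from the lines in the post, and the firewall is assumed to be a plain set of blocked destination IPs covering every port.

```python
import re

# Constructed inputs: the two edited lines from the post, plus the four
# addresses it lists. The firewall is modelled (assumption) as a set of
# destination IPs whose inbound traffic is dropped on every port.
NGINX_CONF = "server {\n    listen      *:80;\n    server_name example.com;\n}\n"
HTTPD_CONF = "<VirtualHost *:8080>\n    ServerName example.com\n</VirtualHost>\n"
LOCAL_IPS = ["192.168.1.4", "192.168.1.5", "192.168.2.4", "192.168.2.5"]
BLOCKED_INBOUND = {"192.168.1.4"}

WILDCARDS = {"*", "0.0.0.0"}
LISTEN_RE = re.compile(r"^\s*listen\s+([^;\n]+);", re.M)  # nginx: opens the socket
# httpd: VirtualHost only selects a vhost; the sockets come from Listen
# directives, so results for these ports are an upper bound.
VHOST_RE = re.compile(r"^\s*<VirtualHost\s+([^>\n]+)>", re.M | re.I)


def split_bind(token, default_port=80):
    """Turn 'addr:port', 'port' or 'addr' (IPv4 only) into (addr, port)."""
    host, sep, port = token.rpartition(":")
    if not sep:
        if token.isdigit():  # bare port: every local address
            return ("*", int(token))
        # bare address: default_port is an assumption of this sketch
        return ("*" if token in WILDCARDS else token, default_port)
    return ("*" if host in WILDCARDS else host, int(port))


def parse_binds(text):
    """Collect (addr, port) pairs from nginx listen and httpd VirtualHost lines."""
    binds = [split_bind(m.group(1).split()[0]) for m in LISTEN_RE.finditer(text)]
    for m in VHOST_RE.finditer(text):
        binds.extend(split_bind(tok) for tok in m.group(1).split())
    return binds


def exposure(text, local_ips, blocked):
    """Map each port to the local IPs the directives match and the firewall allows."""
    reachable = {}
    for addr, port in parse_binds(text):
        ips = local_ips if addr == "*" else [addr]
        reachable.setdefault(port, set()).update(ip for ip in ips if ip not in blocked)
    return {port: sorted(ips) for port, ips in sorted(reachable.items())}


if __name__ == "__main__":
    for port, ips in exposure(NGINX_CONF + HTTPD_CONF, LOCAL_IPS, BLOCKED_INBOUND).items():
        print(f"port {port}: matched on {', '.join(ips) or 'no local address'}")
```

With the values from the post, port 80 is matched on 192.168.1.5 and on both eth1 addresses, so a block on 192.168.1.4 alone leaves 192.168.2.4 and 192.168.2.5 to be covered as well.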