Change routing metrics of locally connected networks
I have two networking interfaces on a Solaris host serving two different subnets.
Only one of them is physically connected to the switch, but both of them are logically "UP" (it's required this way).
Let's assume iface bge0 got subnetwork 10.10.10.0 and iface bge1 got subnetwork 22.214.171.124 while bge0 is physically connected and bge1 is not.
Unfortunately, it's a fact that I receive packets destined for network 126.96.36.199 (bge1) on bge0. The host tries to answer on bge1 because it's directly connected to this network. Because of this, the answer is routed into nirvana.
I know that this is normal behaviour, but I need the host to send the answer packet for 188.8.131.52 out on another interface than the one which serves the network locally. I need it to be sent out iface bge0, where the original request was received, but not out bge1.
The background for this strange environment comes down to two facts:
- the application only serves incoming packets if the sender is in a locally connected network
- VPN connection between two hosts in the same subnet
application A configuration:
- bge0 - 10.10.10.10 physically up, logically up
- bge1 - 184.108.40.206 physically down, logically up
application B configuration:
- bge0 - 10.10.10.11 physically down, logically up
- bge1 - 220.127.116.11 physically up, logically up
app "A" sends packets via VPN to app "B"
src: 10.10.10.10 --> dst: 18.104.22.168
If bge0 is logically down on app "B", the application will refuse to process the packets
--> bge0 on app "B" is logically up raising the problem that app "B" will send the answer out bge0 (locally connected)
--> packet will never arrive at the other end of the VPN tunnel because routing configuration can only be established via bge1
Is it possible to change the routing metrics of locally connected networks (flag "U" in the routing table) to something higher than a statically inserted route, to enforce routing the packets out another interface than the one which is locally connected to the network?
Is it possible to force using the default route for some network instead of using the iface of the locally connected network?
Is there any other possibility to solve this problem without kernel hacking :( ?