Send outbound traffic over floating IP

January 25, 2018 3.9k views
Networking Ubuntu 16.04
enewel3
By:
enewel3

Is it possible to route outbound traffic from a droplet through its floating IP. I.e., make http requests from the droplet that appear to originate from the floating IP?

Log In to Comment
4 Answers
asb MOD January 25, 2018
Accepted Answer

The short answer is yes. The longer answer is that it depends on the software you are using to make the request. It needs to expose some way of binding to a particular interface. If it does, you'll need to find what we call the "anchor IP" and use it. The easiest way to find the anchor IP is to inspect your Droplet's metadata. From the Droplet, run:

  • curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/anchor_ipv4/address

In my case, it returns 10.10.0.8 If you wanted to make your request with curl you could then use:

  • curl --interface 10.10.0.8 https://example.com

Or with wget you would use:

  • wget --bind-address=10.10.0.8 https://example.com

In both cases, example.com would now see the request as coming from my Floating IP not my Droplet's IP address.

Check out this tutorial for more info on Floating IPs: How To Use Floating IPs on DigitalOcean In particular, see the section on "Droplet Anchor IPs."

How To Use Floating IPs on DigitalOcean
by Melissa Anderson
A DigitalOcean Floating IP is a publicly-accessible static IP address that can be mapped to one of your Droplets. A Floating IP can also be instantly remapped, via the DigitalOcean Control Panel or API, to one of your other Droplets in the same datacenter. This instant remapping capability grants you the ability to design and create High Availability (HA) server infrastructures by adding redundancy to the entry point, or gateway, to your servers.
Reply
apexinvesting January 22, 2019

Step 1. Run this command to get the gateway for the floating IP

curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/anchor_ipv4/address

Step 2. Run this command to make all outgoing connections appear to come from your floating IP, where $gatewayip$ is the ip obtained from the previous command:

route add default gw $gatewayip$

Someone could make a script to automate that in one shot.

Reply
basz February 11, 2019

@apexinvesting
Hi, running route add default gw ip-number kills the current ssh connection and afterwards, it seems I am unable to log in again.

Reply
ray.moncada March 8, 2019

here you go, This is the answer you are looking for: https://blog.programster.org/openvpn-digitalocean-ip-alias

Reply
Have another answer? Share your knowledge.

Related Questions