I recently came up against a bit of an issue whilst working on my MacBook Pro in the office, due to the environment we work in access to the outside world is tightly controlled by our firewall, and although I love to spend countless hours adding and tweaking rules (not strictly true) – I wanted to find a better solution for routing traffic to certain sources over certain connections.
Now – there’s a couple of fairly major caveats on this ‘how-to’ and that is that a second network needs to be available and that the gateway addresses are different.
For the purposes of this tutorial, my wired lan connections IP address is 10.0.0.1 and my wireless connections IP address 192.168.2.2.
The tutorial was born from my laptop’s need to communicate with Stanford Universities Folding@Home client, which needed to communicate with its job server 184.108.40.206* to upload and download new work packages. (*This is one IP address of many used)
Knowing I had my unrestricted wireless connection available I knew I wouldn’t have any issues, however as my MacBook’s service order is always set to use the cabled connection first – the client would always try sending over that and then fail.
Working around this is however, fairly straight forward and easy to achieve. All I needed to do was to direct all the network traffic to Stanford’s servers over my wireless connections gateway.
To do this, all you need to do is fire up a terminal session and type the following:
Sudo route add 220.127.116.11 192.168.2.1
Upon hitting return you should be prompted for your ‘sudo’ password, once added the route will then be added to the routing table. Thus forcing all traffic to that address to ignore my service order, and default to the wireless connection to send/receive traffic. Obviously – this is a pretty unique situation, and outside of that network traffic will then start failing. To rectify that, and remove the entry from the routing table you will again need a terminal session, and to type the following:
Sudo route delete 18.104.22.168
Obviously you will need to replace the IP Addresses where appropriate.
If you’ve a better way of dealing with such issues I would really be interested to hear them – let me know using the comments section below.