I have a CentOS 7 system with 2 NICs (eth0 and eth1).
NIC configurations:
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 10.43.96.210  netmask 255.255.255.192  broadcast 10.43.96.255
    eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 146.81.34.150  netmask 255.255.255.128  broadcast 146.81.34.255
My current routing table:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         10.43.96.193    0.0.0.0         UG    100    0        0 eth0
    10.43.96.192    0.0.0.0         255.255.255.192 U     100    0        0 eth0
    146.81.34.0     0.0.0.0         255.255.255.128 U     0      0        0 eth1
    146.81.34.128   146.81.34.254   255.255.255.128 UG    0      0        0 eth1
    169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 eth1
NIC eth0 is connected to the 10.43.96.x network, and the default gateway (10.43.96.193) is used for outgoing connections to the public Internet from computers within the 10.43.96.x network.
NIC eth1 is connected to the 146.81.34.128/25 network (NIC IP 146.81.34.150, netmask 255.255.255.128, gw 146.81.34.254; these are defined by the customer) and needs to access a server at IP 146.81.34.11.
Other servers from the 146.81.0.0/16 network need to reach my server (146.81.34.150) with ping (through gateway 146.81.34.254). For example, the server at 146.81.23.95 needs to ping my server. I don't know more about the network and routing configuration details in that network; I was told to use their gateway 146.81.34.254.
Current problem:
The customer says that other servers from the 146.81.0.0/16 network (146.81.x.x) can reach the 146.81.34.128/25 network correctly (and thus can reach my server at 146.81.34.150 with ping). This is fine.
However, the other servers in the 146.81.0.0/16 network now try to reach other IP addresses (in networks other than 146.81.34.128/25) through my server by using my default gateway (10.43.96.193), which should be prevented.
Question:
How should I prevent forwarded connections through this server from servers in the 146.81.0.0/16 network? They should not be using the default gateway (10.43.96.193) on my server.
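
The situation described above can be reproduced from the posted routing table. The following is an added example, not part of the original post: it performs a longest-prefix match over that table and flags packets that arrive on eth1 and would leave through eth0. The function names, the `ip_forward` parameter and the destination 203.0.113.10 are constructed for illustration.

```python
import ipaddress

# Routing table copied from the post: (destination, genmask, gateway, iface)
ROUTES = [
    ("0.0.0.0", "0.0.0.0", "10.43.96.193", "eth0"),
    ("10.43.96.192", "255.255.255.192", "0.0.0.0", "eth0"),
    ("146.81.34.0", "255.255.255.128", "0.0.0.0", "eth1"),
    ("146.81.34.128", "255.255.255.128", "146.81.34.254", "eth1"),
    ("169.254.0.0", "255.255.0.0", "0.0.0.0", "eth1"),
]
# The host's own addresses, from the NIC configuration in the post
LOCAL_ADDRS = {"10.43.96.210", "146.81.34.150"}


def lookup(dst):
    """Longest-prefix match over ROUTES; returns (network, gateway, iface)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for dest, mask, gw, iface in ROUTES:
        net = ipaddress.ip_network(f"{dest}/{mask}")
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    return best


def classify(in_iface, dst, ip_forward=True):
    """Describe what happens to a packet arriving on in_iface addressed to dst.

    ip_forward is a hypothetical switch standing in for the kernel's
    net.ipv4.ip_forward setting.
    """
    if dst in LOCAL_ADDRS:
        return "local delivery"
    if not ip_forward:
        return "dropped (forwarding disabled)"
    _net, gw, out_iface = lookup(dst)
    if in_iface == "eth1" and out_iface == "eth0":
        return f"LEAK: forwarded out eth0 via {gw}"
    return f"forwarded out {out_iface}"


if __name__ == "__main__":
    # Constructed sample destinations: the host itself, then an outside address
    for dst in ("146.81.34.150", "203.0.113.10"):
        print(dst, "->", classify("eth1", dst))
    print("203.0.113.10 ->", classify("eth1", "203.0.113.10", ip_forward=False))
```

On the host itself, the `ip_forward` switch corresponds to the `net.ipv4.ip_forward` sysctl; where forwarding has to stay enabled for other paths, a drop rule in the firewall's FORWARD chain for traffic entering eth1 and leaving eth0 covers the same flows.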