Hi all, When try to move a local route (for an ip addr configured locally) to a different route table from the local one I can no longer ping the address. My suspicion is that the local (0) table is "special" and used directly without regard for the rules in some circumstances, but I'd like to confirm that what I'm trying to do isn't possible before giving up! here's the rule for my new local2 table: cogneo:~ 11:28am # ip rule ls 0: from all lookup local 100: from 192.168.2.1 lookup redir <-- eventual trickiness 200: from all lookup local2 <-- new table 32766: from all lookup main 32767: from all lookup default and i moved a single 'local' route to that table (removed from local, added to local2): cogneo:~ 11:27am # ip route ls table local2 local 66.33.206.41 dev eth1 proto kernel scope host src 66.33.206.41 cogneo:~ 11:27am # ip route ls table local local 10.3.64.2 dev eth0 proto kernel scope host src 10.3.64.2 local 10.3.64.2 dev eth1 proto kernel scope host src 10.3.64.2 broadcast 192.168.2.255 dev tunl2 proto kernel scope link src 192.168.2.1 broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1 broadcast 66.33.206.0 dev eth1 proto kernel scope link src 66.33.206.41 broadcast 10.3.64.0 dev eth1 proto kernel scope link src 10.3.64.2 local 192.168.2.1 dev tunl2 proto kernel scope host src 192.168.2.1 broadcast 192.168.2.0 dev tunl2 proto kernel scope link src 192.168.2.1 broadcast 66.33.206.255 dev eth1 proto kernel scope link src 66.33.206.41 broadcast 10.255.255.255 dev eth1 proto kernel scope link src 10.3.64.2 broadcast 10.3.64.255 dev eth1 proto kernel scope link src 10.3.64.2 broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1 local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1 broadcast 66.255.255.255 dev eth1 proto kernel scope link src 66.33.206.41 local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1 Once i do that, i can no longer ping 66.33.206.41. (I can before i make the change, and if i move the route back to the local table. I also verified that the 100 rule wasn't to blame.) Is this destined to not work? My end goal with this is to allow monitoring of realservers on a linux virtual server director box. With the TUN or DR directing mechanisms, the service IP is configured on the director box AND on the realservers, but only the director responds to arp requests and gets the router traffic. It decides where packets should go and either rewrites the mac address or sends packets to the realserver via an IPIP tunnel. What I'd like to do is allow the director to test the realservers (make sure services are up) by tunneling a request to the realsrever in question via an IPIP tunnel. Since that service is on a ip that's also configured locally (on the director, as above) this requires some trickery to send that traffic through a tunnel interface and not direct it to localhost. Is that even possible? Or should I give up and use an external host to do the monitoring? (Or bite the bullet and make all my services bind to multiple IPs?) Any suggestions would be much appreciated, thanks! sage _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
