[LARTC] routing bug?

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

I have set up the following route:

ip rule add prio 20 table test
ip route add default table test proto static \
  nexthop dev eth0 via 80.98.79.254 weight 1 \
  nexthop dev ppp0 via 62.112.192.134 weight 1

[root@roadrunner ~ ] # ip route get 195.228.120.3
195.228.120.3 via 62.112.192.134 dev ppp0  src 62.112.220.27
    cache  mtu 1454 advmss 1414

then I try to telnet to the ssh port of 195.228.120.3

In the meantime:
[root@roadrunner ~ ] # tcpdump -i ppp0 host 195.228.120.3
tcpdump: listening on ppp0
22:59:44.177458 80.98.79.17.35279 > 195.228.120.3.ssh: S 3019355410:3019355410(0) win 5656 <mss 1414,sackOK,timestamp 550913 0,nop,wscale 0> (DF) [tos 0x10]
[...repeated for 4 times...]
23:00:13.299255 195.228.120.3.ssh > 62.112.220.27.35251: P 2635459978:2635460026(48) ack 2627843263 win 15532 <nop,nop,timestamp 383251 514492> (DF)
23:00:29.174513 80.98.79.17.35279 > 195.228.120.3.ssh: S 3019355410:3019355410(0) win 5656 <mss 1414,sackOK,timestamp 555413 0,nop,wscale 0> (DF) [tos 0x10]

(Notice that the source address (80.98.79.17) belongs to eth0 not to ppp0)

At the same time I ran a tcpdump on the eth0 interface as well and it had
gotten no packets from 195.228.120.3 at all.

The packet that came at 23:00:13 is rather strange. I do not know, how did
it find out where should it send its packet back if my own packet's source
address was wrong.
(After I had repeated the operation several times, I was not able to catch
this packet again. It might had been a stale packet from a previous
connection, I don't know.)

After all of this:
[root@roadrunner /stor/home/ggabor ] # ip route get 195.228.120.3
195.228.120.3 via 62.112.192.134 dev ppp0  src 62.112.220.27
    cache  mtu 1454 advmss 1414

Can this be a bug or did I make a mistake somewhere?
During the operation there had been no rules in iptables' tables.

If a program tries to use eth0 with the same routing settings, there is no
problem.

thanks in advance

-- 
 Gabor Gludovatz <ggabor@sopron.hu>  -  Phone: +36 (20) 9 109 129
     http://gludo.sopron.hu/ * http://gludo.sopron.hu/gpg.txt
GPG fingerprint: 8D0C 6AE8 5875 751E 5122-1DAE 4990 1A4E BC2E C8B9
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux