You have configured eth0 (on your machine) with an ip address/mask: 192.168.0.1/24
For some reason, you want to use a gateway on the physical LAN of eth0
which has an inconsistent configuration. Assume it has an address 10.0.10.1/24, which does not match the 192.168.0.1/24 configuration you gave your own machine.
If you say:
ip route add default dev eth0 via 10.0.10.1
then you will get an error response (network unreachable or something).
Why? Because (strictly speaking) it does not make sense to have
a machine 10.0.10.1 on the eth0 lan, because you told your computer this lan's network address is 192.168.0.0/24.
But here it comes: if you add "onlink" to the command, like this:
ip route add default dev eth0 via 10.0.10.1 onlink
then the route is accepted.
But now we come to another question: What does the kernel do if a packet has to routed to this "onlink" gateway? I checked (by experiment), and this is the result:
The kernel sends an arp request on the eth0-lan asking "who-has 10.0.10.1", which is the "onlink" gateway you configured. When it receives a response, he has a MAC address where he can send his packets to and routing will be performed.
This means: when the gateway's address doesn't match the lan configuration on your computer (eth0), you can force the kernel to use
this gateway by adding "onlink" to the statement.
I guess there very rare situations where you have to use this feature.
Situations where you need the onlink option will mostly be a case of poor network design... I don't think the average tunnel setup needs "onlink" either.
Regards, Guy
bert hubert wrote:
On Sun, Mar 25, 2001 at 12:43:07AM -0300, Rogerio Brito wrote:
On Mar 24 2001, bert hubert wrote:
If someone manages to write a reasonable explanation for the 'onlink' option, I'll put it in the HOWTO ASAP.
As far as I understand it, the situation is as follows:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Sometimes, you may want to send packets via a machine (i.e., a gateway) which is physically connected to your network, but to which you don't specifically have a route in your kernel routing table.
I'm more confused then ever!
Alexey says this: A: Yes, in 2.2 the rule that {\em normal} gateway must reside on directly
connected network has not any exceptions. You may tell kernel, that
this particular route is {\em abnormal}:
\begin{verbatim} ifconfig tunl0 10.0.0.1 netmask 255.255.255.255
ip route add 10.0.0.0/8 via 193.233.7.65 dev tunl0 onlink
\end{verbatim}
Note keyword \verb|onlink|, it is the magic key that orders kernel
not to check for consistency of gateway address.
Probably, after this explanation you have already guessed another method
to cheat kernel:
\begin{verbatim} ifconfig tunl0 10.0.0.1 netmask 255.255.255.255
route add -host 193.233.7.65 dev tunl0
route add -net 10.0.0.0 netmask 255.0.0.0 gw 193.233.7.65
route del -host 193.233.7.65 dev tunl0
\end{verbatim}
Well, if you like such tricks, nobody may prohibit you to use them.
Only do not forget
that between \verb|route add| and \verb|route del| host 193.233.7.65 is
unreachable.
However, our HOWTO says this:
ip tunnel add netb mode gre remote 172.19.20.21 local 172.16.17.18 ttl 255 ip link set netb up ip addr add 10.0.1.1 dev netb ip route add 10.0.2.0/24 dev netb
We don't use onlink - might it be that 'onlink' is only useful for ipip tunnels?
Please let me know if this is acceptable. I could write with more details (giving a more concrete example), but I'm very busy right now. :-(
Once this is cleared up, your text will do fine. Thanks!
Regards,
bert
