[LARTC] Policy routing/Zebra/VLAN problem

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I have an interesting (well, it is to me!) situation involving policy
routing and VLANs.
Apologies if the description is long-winded. The network is as follows:


                 R2 ---- B
                /
               /
              /
 ---> A --- R1 
              \
               \
                \
                 R3 ---- C


We send packets from A to either B or C (they are the same ultimate
destination, reached  via different routes), with router R1 routing packets
based on various characteristics  (such as DSCP). We are interested in
ensuring that if the link from R3 to C goes down the  packets that were
destined for C get re-routed via R2. 

The policy routing in R1 over-rides what OSPF learns about the state of the
link between  R3 and C, and so traffic is still sent from R1 to R3. Our
initial idea was to put in a  second link from R1 to R3 which would be used
to send packets back to R1 when R3's link  to C was down: the policy routing
in R1 is done on the ingress interface for packets from  A, so R1 routes
packets from R3 destined for B/C to R2 without issue. This worked as
expected.

R1 has a limited number of physical interfaces (and we may eventually have
more links R4 - D, R5 - E, and so on), so we tried doing the same thing
using VLANs. We configured two VLANs between R1 and R3 in the hope that
should the link from R3 to C fail, traffic would be routed back to R1 down
the second VLAN and, again, from R1 to R2 and on to B. The curious result
was that packets were re-routed back down the *same* VLAN they arrived at R3
on. Taking out the second VLAN between R1 and R3 makes no difference. This
seems highly illegal in routing terms, and I'm keen to know why it is
happening.

R2 and R3 are running Linux, kernel 2.4.21-pre4, zebra 0.94, and we are
using the latest  version (1.7) of vconfig for the VLANs. R1 has been either
a Linux or Cisco router, with  the same results.

Any comments/explanations much appreciated. Thanks,
James

The Information contained in this E-Mail and any subsequent correspondence
is private and is intended solely for the intended recipient(s).
For those other than the recipient any disclosure, copying, distribution,
or any action taken or omitted to be taken in reliance on such information
is prohibited and may be unlawful.


[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux