Hi,
I'm trying force locally generated IP packets destined for a
IP address bound to local interface to take a small detour around
my test network.
My setup looks like this. I have a lab machine A with two physical
ethernet interfaces.
bash-2.05# ip address ls
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:d0:b7:e3:e4:91 brd ff:ff:ff:ff:ff:ff
inet 176.24.90.4/24 brd 176.24.90.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:10:83:fd:d1:13 brd ff:ff:ff:ff:ff:ff
inet 176.24.30.4/24 brd 176.24.30.255 scope global eth1
bash-2.05#
I would like locally generated packets (produced by some user-space
process) with the destination 176.24.30.4 to take the path via
eth0 to the router 176.24.90.1 (which will make the packets take
a trip around our test network until the come back to eth1 at machine
A). I added a hostroute:
bash-2.05# ip route ls
176.24.30.4 via 176.24.90.1 dev eth0
176.24.30.0/24 dev eth1 scope link
176.24.90.0/24 dev eth0 scope link
127.0.0.0/8 dev lo scope link
default via 176.24.90.1 dev eth0
bash-2.05#
But it didn't work as I aspected (I understood even less
of Linux routing than I do now when I tried it):
bash-2.05# ip route flush table cache
bash-2.05# traceroute -n 176.24.30.4
traceroute to 176.24.30.4 (176.24.30.4), 30 hops max, 38 byte packets
1 176.24.30.4 0.131 ms 0.030 ms 0.028 ms
bash-2.05#
The packets take a short cut, going directly to loopback. If you
look at the "local" routing table you find out why. The entry
"176.24.30.4 via 176.24.90.1 dev eth0" matches.
bash-2.05# ip route ls table local broadcast 127.255.255.255 dev lo
proto kernel scope link src 127.0.0.1 broadcast 176.24.30.255 dev
eth1 proto kernel scope link src 176.24.30.4 broadcast
176.24.90.255 dev eth0 proto kernel scope link src 176.24.90.4
local 176.24.30.4 dev eth1 proto kernel scope host src 176.24.30.4
local 176.24.90.4 dev eth0 proto kernel scope host src 176.24.90.4
broadcast 176.24.30.0 dev eth1 proto kernel scope link src
176.24.30.4 broadcast 176.24.90.0 dev eth0 proto kernel scope link
src 176.24.90.4 broadcast 127.0.0.0 dev lo proto kernel scope link
src 127.0.0.1 local 127.0.0.1 dev lo proto kernel scope host src
127.0.0.1 local 127.0.0.0/8 dev lo proto kernel scope host src
127.0.0.1 bash-2.05#
If I remove that entry I get the following result:
bash-2.05# ip route del local 176.24.30.4 table local
bash-2.05# ip route flush table cache
bash-2.05# traceroute -n 176.24.30.4
traceroute to 176.24.30.4 (176.24.30.4), 30 hops max, 38 byte packets
1 176.24.90.1 0.311 ms 0.095 ms 0.278 ms
2 176.24.100.1 0.251 ms 0.182 ms 0.178 ms
3 176.24.12.254 0.316 ms 0.241 ms 0.239 ms
4 176.24.20.254 0.391 ms 0.343 ms 0.347 ms
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
The packets are being routed correctly (according to my spec), but
they never reach their final destination. The hop after 176.24.20.254
is 176.24.30.4 (machine A again). I guess the kernel on A just
discards the packets, because I removed the entry in the local table.
Any suggestions? How do I get the kernel to pick up the packets on
their way back *only*?
I've tried to figure out if policy routing could solve my problem
(even read the manual), but the magic (?) rule 0 sends all packets
to the local table, and there my packets matches the must-have (?)
entry (which I removed above).
Kind regards,
Mattias
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
