On Fri, 12 Aug 2005, Al Boldi wrote:
ping from 10.0.2.1/8 to 10.0.0.1 should route out to 10.0.0.0/8 and
not to 10.0.1.0/24 even if the route lists before 10.0.0.0/8!
What is 10.0.2.1/8 in this discussion? An interface with the IP of
10.0.2.1 and mask of /8 (255.0.0.0)? If so this interface will get all
10.X traffic for which no other more specific route exists.
What you say above won't happen. A 10.0.1.0/24 route won't ever get
traffic for 10.0.0.* as it is not within it's scope. Check your routing
table again, I do not think it looks the way you seem to think it does
ip ro ls
From what I can remember the data shown earlier does not match your
problem description above either. Seem to remember you having two
interfaces in the 10.x/8 network range. Only one of these two interfaces
will get the 10.x/8 route. Having more than one interface in the same
network range is generally a bad idea, but works reasonably provided one
uses a subnet of the other.
To include the source address in your routing decisions see "ip
rule add/remove" and the Linux Advanced Routing howto.
Is there a way to do it w/o iptables?
Yes (the experimental route target), but it is much better done in
routing. The Linux kernel can route in pretty much any manner you can
imagine, it just needs to be given proper instructions. But as always it
is best to design your network in such manner that no strange routing is
needed.
Regards
Henrik
-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
