All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Brian J. Murrell" <brian@interlinx.bc.ca>
To: lartc@vger.kernel.org
Subject: [LARTC] mutliple default routes, rp_filter and martians
Date: Sat, 10 Feb 2007 13:29:42 +0000	[thread overview]
Message-ID: <1171114182.7941.135.camel@pc.ilinx> (raw)


[-- Attachment #1.1: Type: text/plain, Size: 1663 bytes --]

I have a theory on the cause of a problem but it is still only a theory.
I wonder if anyone here can confirm.

I have a multi-isp configuration with a multi-path default route to each
ISP, equally weighted.

I am seeing, periodically, traffic dropped due to martian detection and
errors logged on inbound traffic, but at other times, that same exact
traffic will be allowed, no errors.

My supposition is this:  If I use "ip route get <source_addr>" for the
source address that rp_filter is dropping traffic from I can see that
it's reporting that traffic to that address would use the alternate ISP
interface from the one it's being received on (and logged as a martian
and dropped).  If I continue to use ip get route on that address
eventually it will report the interface that the traffic is being
received on -- that would be the balancing feature of the multiple
paths.

I believe that during these times when ip route get is reporting the
alternate interface, the kernel would also log inbound packets from that
address as martians.  Is this the case?

To further confirm my supposition, while my gateway is dropping packets
and logging them as martians, I can install a route specifically for
that source pointing to the interface that they are being received on
and the dropping/martian logging stops and the traffic is received.

So to summarize it seems that when doing the rp_filter tests, the kernel
only uses the "current default" route and not all available default
routes when determining the reverse path.  Is this true?

Thanx,
b.

-- 
My other computer is your Microsoft Windows server.

Brian J. Murrell

[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

[-- Attachment #2: Type: text/plain, Size: 143 bytes --]

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

                 reply	other threads:[~2007-02-10 13:29 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1171114182.7941.135.camel@pc.ilinx \
    --to=brian@interlinx.bc.ca \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.