Re: Multiple link, policy routing and link not in defaut route...

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jay Vosburgh <jay.vosburgh@canonical.com>
To: lartc@vger.kernel.org
Subject: Re: Multiple link, policy routing and link not in defaut route...
Date: Tue, 09 Feb 2021 01:47:25 +0000	[thread overview]
Message-ID: <1822.1612835245@famine> (raw)
In-Reply-To: <20210203181530.GO3370@lilliput.linux.it>

Marco Gaiarin <gaio@sv.lnf.it> wrote:

>> Why the interface need to be in 'default route'? Thanks.
>
>As sugested by a private reply, i've disabled 'rp_filter' and packet
>flow correctly.
>
>AFAI've understood, packet get routed correctly to the intended
>interface, but when reply come back the reverse path filter interpret
>it as 'impossible' (because there's no a forward route, and this is
>true indeed), and filter it away.
>
>
>There's some 'smarter' way, or fine-grained way, or i have to disable
>rp_filter as the only option?

	Another possibility is that, because you're using fwmark in the
routing, you're running afoul of the src_valid_mark sysctl.

	By default (src_valid_mark = 0), fwmark is not checked when
performing rp_filter reverse path route lookups.  Enabling
net.ipv4.conf.*.src_valid_mark will cause the fwmark to be utilized for
the reverse path lookup.

	-J

---
	-Jay Vosburgh, jay.vosburgh@canonical.com

next prev parent reply	other threads:[~2021-02-09  1:47 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-03 18:15 Multiple link, policy routing and link not in defaut route Marco Gaiarin
2021-02-05 16:42 ` Marco Gaiarin
2021-02-06 10:30 ` cronolog+lartc
2021-02-08 15:15 ` Marco Gaiarin
2021-02-09  1:47 ` Jay Vosburgh [this message]
2021-02-09 17:54 ` Marco Gaiarin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1822.1612835245@famine \
    --to=jay.vosburgh@canonical.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.