From: "Christian P. Schmidt" <schmidt@digadd.de>
To: netdev@vger.kernel.org
Subject: IP policy routing & rule 0
Date: Thu, 17 Dec 2009 19:16:51 +0100
Message-ID: <4B2A7593.4040607@digadd.de>

Hi,

I'm trying to set up a test where I use a single PC to send traffic
across an external device (router, firewall, etc) and back to the same PC.

I am using two VLANs on a single interface, though it in principle
should not be different from using two physical interfaces. The setup
looks like this:

ip link add link eth0 name eth0.1 type vlan id 1
ip link add link eth0 name eth0.2 type vlan id 2

ip addr add dev eth0.1 10.3.0.2/24
ip link set dev eth0.1 up

ip addr add dev eth0.2 1.32.0.2/24
ip link set dev eth0.2 up

ip route del 10.32.0.0/24 dev eth0.1
ip route add 10.32.0.0/24 table 11 dev eth0.1
ip route add default table 11 via 10.32.0.1
ip rule add from 10.32.0.2 table 11

ip route del 1.32.0.0/24 dev eth0.2
ip route add 1.32.0.0/24 table 12 dev eth0.2
ip route add default table 12 via 1.32.0.1
ip rule add from 1.32.0.2 table 12

This works - mostly. I fail to force a packet from 10.3.0.2 to 1.32.0.2
using the Ethernet port; instead it seems to go directly:

[~]>ping 1.32.0.1 -I 10.32.0.2 -c 1
PING 1.32.0.1 (1.32.0.1) from 10.32.0.2 : 56(84) bytes of data.
64 bytes from 1.32.0.1: icmp_seq=1 ttl=62 time=1.08 ms

vs.

[~]>ping 1.32.0.2 -I 10.32.0.2 -c 1
PING 1.32.0.2 (1.32.0.2) from 10.32.0.2 : 56(84) bytes of data.
64 bytes from 1.32.0.2: icmp_seq=1 ttl=64 time=0.043 ms

I have the feeling this is related to rule 0:
[~]>ip rule show
0:	from all lookup local
32763:	from 1.32.0.2 lookup 12
32764:	from 10.32.0.2 lookup 11
32765:	from 192.168.255.30 lookup 10
32766:	from all lookup main
32767:	from all lookup default

but deleting the route from the "local" table leads to a completely
unusable interface.

Is there a way to achieve what I want?

Regards,
Christian
