From: Julian Anastasov <ja@ssi.bg>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Weird problems with source-based routing, proxy_arp and
Date: Fri, 29 Nov 2002 22:50:43 +0000 [thread overview]
Message-ID: <marc-lartc-103861025917882@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103858600030786@msgid-missing>
Hello,
On Fri, 29 Nov 2002, Janssen Alexander wrote:
> ip route add 10.1.56.222 dev eth1 # Router1
> ip route add 10.1.56.193 dev eth0 # Workstation1
> # every Workstation has it's own table
> ip rule add from 10.1.56.193 table 193
> ip route add default via 10.1.56.222 dev eth1 table 193
>
> In my understanding the firewall should not answer to
> arp-whois requests for IP 10.1.56.193 on interface eth0.
> Or did i get it wrong?
Yes
May be only one missing line to be happy with medium_id:
ip rule add prio 100 table main
Explanation:
I see only the table for .193 but I assume there are other
similar tables, you have asymmetric routing configured when it should
not be in this way. What happens:
A and B are on same LAN, Host A resolves B:
who-has B tell A
firewall:
Q: I see probe "who-has B tell A" on dev X. Where points the route
from A to B?
A: There is route "from A to 0/0 => Forward via DEV Y". Well, X != Y,
they have different medium_id values => answer this ARP probe on DEV X.
The problem is that you have routes in this order (ip rule show):
from A to 0/0 => DEV Y (table A)
from 0/0 to B => DEV X (table main)
You need to inspect the main table first.
Regards
--
Julian Anastasov <ja@ssi.bg>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
prev parent reply other threads:[~2002-11-29 22:50 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-11-29 16:04 [LARTC] Weird problems with source-based routing, proxy_arp and the mediu Janssen Alexander
2002-11-29 22:50 ` Julian Anastasov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103861025917882@msgid-missing \
--to=ja@ssi.bg \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.