From: Tomasz Wrona <lartc@eter.tym.pl>
To: lartc@vger.kernel.org
Subject: [LARTC] Policy routing and strange packets traversing.
Date: Sat, 01 Mar 2003 15:41:10 +0000
Message-ID: <marc-lartc-104653305330571@msgid-missing>
Hi,

Please suppose the following config:
Two external interfaces for two different providers.
On each of them NAT is configured for a specific IP addr,
i.e.:
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc htb qlen 100
    inet 1.1.1.30/30 brd 1.1.1.31 scope global eth2
6: eth4: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc htb qlen 100
    inet 2.2.2.66/27 brd 2.2.2.95 scope global eth4
On eth2 NAT outgoing traffic to 1.1.1.30
On eth4 NAT outgoing traffic to 2.2.2.66
Rules related to these interfaces and traffic:
# To be sure that traffic goes to the proper gateway
22: from 1.1.1.30 lookup 1
22: from 2.2.2.66 lookup 2
...
# These rules are unnecessary, I think, but are used by me for
# gateway diagnostics.
30: from all to 1.1.1.29 lookup 1
30: from all to 2.2.2.65 lookup 2
# The balance table distributes traffic from the LAN.
70: from all iif eth1 lookup balance
# ip r l ta 1
default via 1.1.1.29 dev eth2
# ip r l ta 2
default via 2.2.2.65 dev eth4
# ip r l ta balance
default
    nexthop via 1.1.1.29 dev eth2 weight 2
    nexthop via 2.2.2.65 dev eth4 weight 3

So, everything works, but I have observed some behaviour that
I can't understand.
What I expected was that traffic NATed to 1.1.1.30 goes through eth2
and traffic NATed to 2.2.2.66 goes through eth4.
Unfortunately, when I start listening on eth4 with the following command:
tcpdump -n -i eth4 src 1.1.1.30
I can see traffic which I am not expecting on this interface:
1.1.1.30.3145 > 217.98.144.187.20: P 1608:2144(536) ack 1 win 16616 (DF)
1.1.1.30.4282 > 212.77.100.17.5555: . ack 1889 win 17520 (DF)
Something similar is on eth2:
tcpdump -n -i eth2 src 2.2.2.66
2.2.2.66.6114 > 217.17.41.85.8074: P 58257:58281(24) ack 530714947 win 7506 (DF)
Of course more packets have correct sources [1.1.1.30 for eth2 and
2.2.2.66 on eth4] but I can't see the reason there are some missed
packets...

I did an experiment and attached an iptables DROP rule on POSTROUTING on
the eth2 and eth4 interfaces to catch badly sourced packets, but they didn't
catch anything, which tells me this "bad" traffic didn't really go
through the incorrect interfaces.

So I am confused about this packet traversing. Could someone explain
this behaviour? Is it OK, or have I missed something?

Regards,
tw
--
-----------
ck.eter.tym.pl
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/