Re: [B.A.T.M.A.N.] Problems with Gateway-Selection without option -g

[Michael Rack <michael.rack@rsm-freilassing.de>]

[-- Attachment #1: Type: text/plain, Size: 2111 bytes --]

Am 07.09.2009 15:02, schrieb Marek Lindner:
> And what is the MTU of the interface batman is running on ?
>
> Did the iptables command I posted help you to fix your MSS problem ?
>
>    
The interface where batman is running on have MTU 1460 (Standard 
Ethernet - UDP VPN Overload) on HOST #1.
The interface where batman is running on have MTU 1500 (Standard 
Ethernet) on HOST #2.
Yes, the iptables-command does the trick for me. This iptalbes-filter 
was known before. I added the filter to the mangle-table as the problem 
occurs.

My Root-Server (HOST #1) is located at Nuernberg, DE and have access to 
the internet with a public ip-space /22 that allocated to me. HOST #2 is 
connected to an lowcost ISP-Provider with 30MBits / 2MBits. HOST #2 is 
connected by VPN with HOST #1 to route the public ip-addresses.
>> IP-Host #1: 123.205.12.0 / 32
>> IP-Host #2: 123.205.12.4 / 32
>>
>> IP RULES ON "HOST #2":
>> ~ $ /sbin/ip rule show
>> 6600:    to 123.205.12.4 lookup batman_hosts [66]
>> 6601:    from all lookup batman_networks [65]
>> 6700:    to 123.205.12.4 lookup batman_unreach [67]
>>
>> Host #1 (123.205.12.0) is in the routingtable of batman_hosts [66].
>>
>> But i can not ping 123.205.12.0, because the kernel will not enter the
>> rule 6600.
>>
>> When i configure my Host #2 to a /24 network, all went fine. Then the
>> rule will setuped as follow:
>>
>> 6600:    to 123.205.12.4/24 lookup batman_hosts [66]
>>      
> Ok, I see your problem. Batman could easily detect whether the host is part of
> any existing network and if not modify the routing rules. I see 2 options:
> * adding more rules to jump in table 66
> * adding the node to table 65 instead of 66
>    
Correct. I've added some rules with "to any", and this does the trick. 
In addition i use my own policy-routing-script, because the "throw" 
event makes the routing-table a little fuzzy. Now i have only two 
routing-tables "batman_hosts" and "batman_networks". In my 
policy-routing-script i do the seperation between both tables.
> What did you do to make it work ?
>    
My policy-routing-script is attached.

Michael.


[-- Attachment #2: policy_routing_script.sh --]
[-- Type: text/plain, Size: 1421 bytes --]

#!/bin/sh
LOG_FILE="/var/log/batman-routing.log"
echo "" > $LOG_FILE
date=(/bin/date +"%Y-%m-%d %H:%M:%S")

while read method action mtype dst mask gw src_ip ifi_prio dev table
do
	if [ "$method" == "ROUTE" ]
	then
		if [ "$mtype" == "UNICAST" ]
		then
			if [ "$mask" == "32" -a "$table" == "66" ]
			then
				# HOST-Route
				if [ "$action" == "add" ]
				then
					if [ "$gw" == "$dst" ]
					then
						# DIRECT NEIGHBOUR
						/sbin/ip route add $dst src $src_ip dev $dev table $table
						echo "Add neighbour: $dst reached by $src_ip@$dev" >> $LOG_FILE
					else
						# TWO-HOP NEIGHBOUR
						/sbin/ip route add $dst/$mask via $gw src $src_ip dev $dev table $table
						echo "Add host: $dst via $gw reached by $src_ip@$dev" >> $LOG_FILE
					fi
				elif [ "$action" == "del" ]
				then
				# Remove a HOST-Route
					/sbin/ip route del $dst table $table
					echo "Delete neighbour: $dst" >> $LOG_FILE
				fi
			elif [ "$mask" != "32" -a "$table" == "65" ]
			then
				# NETWORK-Announcement
				if [ "$action" == "add" ]
				then
					# Add Network
					/sbin/ip route add $dst/$mask via $gw src $src_ip dev $dev table $table
					echo "Add network: $dst/$mask via $gw reached by $src_ip@$dev" >> $LOG_FILE
				elif [ "$action" == "del" ]
				then
					# Remove Network
					/sbin/ip route del $dst/$mask via $gw table $table
					echo "Add network: $dst/$mask via $gw" >> $LOG_FILE
				fi
			fi
		fi
	fi
done