From mboxrd@z Thu Jan 1 00:00:00 1970 From: Oleg Subject: Re: Policy routing problem Date: Tue, 23 Oct 2012 18:47:05 +0400 Message-ID: <20121023144705.GA15793@localhost> References: <56295.129.217.4.64.1350990304.squirrel@postamt.cs.uni-dortmund.de> <20121023112719.GB21445@localhost> <45189.129.217.4.64.1350998605.squirrel@postamt.cs.uni-dortmund.de> Reply-To: Oleg Mime-Version: 1.0 Return-path: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1351003746; bh=7Je2OpC73K6h6UV6+zdwdgqWbhor79z8qDNWxsxUGyo=; h=Date:From:To:Subject:Message-ID:Reply-To:Mail-Followup-To: References:MIME-Version:Content-Type:Content-Disposition: In-Reply-To:User-Agent; b=QkaM4SVACMTA+sz4LFnQfN5tEw9P0IUwVQmz2HiWgiJ6mTn8tsGv2U33aOmplyRlu ag7GkWHXNnI5cupTyy0MiqEHfmnjOnAh/sRtkdtzbleMdKeIjSnqn+TlJvu+k1W2ap 4xtz5LcKRc+k2Mepww/JQ1nDMlRDnOIvLu9Axdfk= Content-Disposition: inline In-Reply-To: <45189.129.217.4.64.1350998605.squirrel@postamt.cs.uni-dortmund.de> Sender: linux-admin-owner@vger.kernel.org List-ID: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: linux-admin@vger.kernel.org On Tue, Oct 23, 2012 at 03:23:25PM +0200, Christoph Pleger wrote: > Hello, > > > If you have a separate IP for an each interface, everything should be > > ok, because of device routes. > > Show ip rou output for your vlans. > > I explicitly deleted from the main routing table all of what I guess you > mean with device routes, except the one for the primary network interface, > and created a new routing table for every device. To be more accurate than > before, my primary IP address is on eth0 and the VLANs are on eth1. > Routing tables are currently like follows: Are you have real tagged vlan interfaces or by vlan you mean an interface aliases (where multiple IP exists on one interface)? > root@machine:~# ip rule show > 0: from all lookup local > 32749: from 129.217.63.0/26 lookup 211 > 32750: from 129.217.62.0/24 lookup 76 > 32751: from 129.217.47.192/26 lookup 214 > 32752: from 129.217.47.128/26 lookup 215 > 32753: from 129.217.45.0/25 lookup 145 > 32754: from 129.217.38.0/24 lookup 138 > 32755: from 129.217.33.0/24 lookup 133 > 32756: from 129.217.28.0/24 lookup 128 > 32757: from 129.217.26.0/24 lookup 126 > 32758: from 129.217.22.0/24 lookup 122 > 32759: from 129.217.16.0/24 lookup 116 > 32760: from 129.217.14.0/24 lookup 114 > 32761: from 129.217.12.0/24 lookup 112 > 32762: from 129.217.11.64/26 lookup 226 > 32763: from 129.217.10.0/24 lookup 110 > 32764: from 129.217.2.0/24 lookup 102 > 32765: from 129.217.4.0/24 lookup 104 > 32766: from all lookup main > 32767: from all lookup default > > root@machine:~# ip route show > 129.217.5.0/24 dev eth0 proto kernel scope link src 129.217.5.61 > default via 129.217.5.20 dev eth0 > > One of the newly created tables looks like this, others are similar: > > root@machine:~# ip route show table 122 > 129.217.22.0/24 dev eth1.122 scope link > > Some tables additionally define a default gateway: > > root@machine:~# ip route show table 112 > 129.217.12.0/24 dev eth1.112 scope link > default via 129.217.12.20 dev eth1.112 > > I need this because I am using several virtual servers > (http://linux-vserver.org) on that machine, all of them sharing the same > kernel (and with that, the same routing tables), but having different IP > addresses. So, I am using multiple routing tables for setting up a > different routing for every virtual machine. > > The DHCP server is running in one of the virtual machines, having its > primary IP on eth1.104, and though I explicitly defined a list of > interfaces DHCP should listen on and eth1.104 is not included in this > list, DHCP sends out unicast replies on eth1.104. > > Regards > Christoph > -- > To unsubscribe from this list: send the line "unsubscribe linux-admin" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html >