Policy-routing of locally originated traffic?

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Dyadya Skrudzh <gorshkov@gmail.com>
To: linux-kernel@vger.kernel.org
Subject: Policy-routing of locally originated traffic?
Date: Mon, 18 Jan 2010 13:24:34 -0800	[thread overview]
Message-ID: <4B54D192.5050503@gmail.com> (raw)

Hello.

Short version: Is it possible?

Long question: read on!

I'm trying to do some weird thing, here. There's dynamips running on my 
F11 box
(kernel 2.6.30.10-105.fc11.i586) emulating Cisco 7200 router with two 
FastEthernets.

Interfaces are connected as:

f0/0 is attached to tap10 on Linux
f0/1 is attached to tap20 on Linux

IP addresses are:

tap10: 10.10.0.1/16
f0/0: 10.10.0.2/16
f0/1: 10.20.0.2/16
tap20: 10.20.0.1/16

Policy routing configured as:

[root@lab ~]# ip rule
0:      from all lookup local
32764:  from 10.20.0.1 to 10.10.0.0/16 lookup tap20
32765:  from 10.10.0.1 to 10.20.0.0/16 lookup tap10
32766:  from all lookup main
32767:  from all lookup default

[root@lab ~]# ip route show table tap10
default via 10.10.0.2 dev tap10

[root@lab ~]# ip route show table tap20
default via 10.20.0.2 dev tap20

Interfaces, Linux:

[root@lab ~]# ip addr show dev tap10
7: tap10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast 
state UNKNOWN qlen 500
    link/ether 00:50:56:a7:5d:07 brd ff:ff:ff:ff:ff:ff
    inet 10.10.0.1/16 brd 10.10.255.255 scope global tap10
    inet6 fe80::250:56ff:fea7:5d07/64 scope link
       valid_lft forever preferred_lft forever

[root@lab ~]# ip addr show dev tap20
8: tap20: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast 
state UNKNOWN qlen 500
    link/ether 00:50:56:b7:5b:b2 brd ff:ff:ff:ff:ff:ff
    inet 10.20.0.1/16 brd 10.20.255.255 scope global tap20
    inet6 fe80::250:56ff:feb7:5bb2/64 scope link
       valid_lft forever preferred_lft forever

Interfaces, Cisco:

interface FastEthernet0/0
 ip address 10.10.0.2 255.255.0.0
 no ip proxy-arp
!
interface FastEthernet0/1
 ip address 10.20.0.2 255.255.0.0
 no ip proxy-arp

Here's the results I got:

[ next hop, OK ]

[root@lab ~]# ip route flush cache ; ping -c 3 -I 10.10.0.1 10.10.0.2 ; 
ip route show cache
PING 10.10.0.2 (10.10.0.2) from 10.10.0.1 : 56(84) bytes of data.
64 bytes from 10.10.0.2: icmp_seq=1 ttl=255 time=2.50 ms
64 bytes from 10.10.0.2: icmp_seq=2 ttl=255 time=1.89 ms
64 bytes from 10.10.0.2: icmp_seq=3 ttl=255 time=2.06 ms

--- 10.10.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.892/2.152/2.505/0.264 ms
10.10.0.2 from 10.10.0.1 dev tap10
    cache  mtu 1500 advmss 1460 hoplimit 64
local 10.10.0.1 from 10.10.0.2 dev lo  src 10.10.0.1
    cache <local,src-direct>  iif tap10

[ another interface on Cisco, OK ]

[root@lab ~]# ip route flush cache ; ping -c 3 -I 10.10.0.1 10.20.0.2 ; 
ip route show cache
PING 10.20.0.2 (10.20.0.2) from 10.10.0.1 : 56(84) bytes of data.
64 bytes from 10.20.0.2: icmp_seq=1 ttl=255 time=2.92 ms
64 bytes from 10.20.0.2: icmp_seq=2 ttl=255 time=2.05 ms
64 bytes from 10.20.0.2: icmp_seq=3 ttl=255 time=2.05 ms

--- 10.20.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 2.057/2.348/2.928/0.410 ms
10.20.0.2 from 10.10.0.1 via 10.10.0.2 dev tap10
    cache  mtu 1500 advmss 1460 hoplimit 64
local 10.10.0.1 from 10.20.0.2 dev lo  src 10.10.0.1
    cache <local>  iif tap10

[ tap10 -> tap20 interface through Cisco. Does not work; ping is OK but 
route is local ]

[root@lab ~]# ip route flush cache ; ping -c 3 -I 10.10.0.1 10.20.0.1 ; 
ip route show cache
PING 10.20.0.1 (10.20.0.1) from 10.10.0.1 : 56(84) bytes of data.
64 bytes from 10.20.0.1: icmp_seq=1 ttl=64 time=0.052 ms
64 bytes from 10.20.0.1: icmp_seq=2 ttl=64 time=0.022 ms
64 bytes from 10.20.0.1: icmp_seq=3 ttl=64 time=0.021 ms

--- 10.20.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.021/0.031/0.052/0.015 ms
local 10.20.0.1 from 10.10.0.1 dev lo
    cache <local>  mtu 16436 advmss 16396 hoplimit 64
local 10.10.0.1 from 10.20.0.1 dev lo
    cache <local>  ipid 0xe686 mtu 16436 advmss 16396 hoplimit 64

Is there any way I can make it work?

Thank you,
DS

                 reply	other threads:[~2010-01-18 21:24 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4B54D192.5050503@gmail.com \
    --to=gorshkov@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox