Re: ROUTE and source IPv6 routing - how ?

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Cedric de Launois <delaunois@info.ucl.ac.be>
To: Pawel Hadam <Pawel.Hadam@imag.fr>
Cc: netfilter@lists.netfilter.org
Subject: Re: ROUTE and source IPv6 routing - how ?
Date: Tue, 02 Dec 2003 09:02:00 +0100	[thread overview]
Message-ID: <1070352120.1383.9.camel@descartes> (raw)
In-Reply-To: <Pine.GSO.4.33.0312011606350.27223-100000@horus.imag.fr>

Le lun 01/12/2003 à 16:22, Pawel Hadam a écrit :
> Hi all
> 
> I have two hosts and both have two NICs.
> 
> CLIENT: eth0 - ipc0 = 2001:660:5301:26:2c0:9fff:fe1a:caca
>         eth1 - ipc1 = 2001:688:1fa1:2:204:75ff:fef8:93a4
> 
> SERVER: eth0 - ips0 = 2001:660:5301:26:210:5aff:febe:bb78
>         eth1 - ips1 = 2001:688:1fa1:2:204:75ff:fee8:52fd
> 
> As you can see, both eth0 are connected to the same LAN (so have IPv6
> addresses from the same LAN), and both eth1 are connected to the second
> LAN.
> 
> According to the normal IPv6 routing, all packets exit from CLIENT to ips0
> always via eth0, and to ips1 always via eth1.
> 
> But when I have a client program bound to ipc0 (src = ipc0) I would like
> to see all packets exiting via eth0, both packets going to ips0 and to
> ips1. The same way, packets from a client bound to ipc1 (src = ipc1)
> should always exit via eth1. Like this:
> 
> 1) (ipc0 -> ips0) via eth0
> 2) (ipc0 -> ips1) via eth0
> 3) (ipc1 -> ips0) via eth1
> 4) (ipc1 -> ips1) via eth1
> 
> 
> To obtain this I used kernel 2.4.22 with netfilter and patch-o-matic
> module ROUTE, and configured this way:
> 
> 
> mykonos:~ # ip6tables -t mangle -A POSTROUTING --source
> 2001:660:5301:26:2c0:9fff:fe1a:caca -j ROUTE --oif eth0 --continue
> 
> mykonos:~ # ip6tables -t mangle -A POSTROUTING --source
> 2001:688:1fa1:2:204:75ff:fef8:93a4 -j ROUTE --oif eth1 --continue
> 
> mykonos:~ # ip6tables -t mangle -nL
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
> ROUTE      all      2001:660:5301:26:2c0:9fff:fe1a:caca/128  ::/0
> ROUTE oif:eth0 continue
> ROUTE      all      2001:688:1fa1:2:204:75ff:fef8:93a4/128  ::/0
> ROUTE oif:eth1 continue
> 
> 
> But it works only in cases 1) and 4). In cases 2) and 3) it gives the
> following messages in /var/log/messages:
> 
> 
> Dec  1 15:52:29 mykonos kernel: ip6t_ROUTE: no explicit route found via
> interface eth1
> 
> Dec  1 15:52:45 mykonos kernel: ip6t_ROUTE: called with:
> DST=2001:0688:1fa1:0002:0204:75ff:fee8:52fd
> GATEWAY=0000:0000:0000:0000:0000:0000:0000
> :0000 OUT=eth0
> 
> Dec  1 15:52:45 mykonos kernel: ip6t_ROUTE: no explicit route found via
> interface eth0
> 
> Dec  1 15:52:48 mykonos kernel: ip6t_ROUTE: called with:
> DST=2001:0688:1fa1:0002:0204:75ff:fee8:52fd
> GATEWAY=0000:0000:0000:0000:0000:0000:0000
> :0000 OUT=eth0
> 
> 
> 
> And I cannot see any packet exiting any interface.
> 
> Could anybody help me with this configuration to reach my target, please
> ??? Or maybe I should change something in my routing table ???

You have to add an entry in your routing table saying that destination
2001:688:1fa1:2:204:75ff:fee8:52fd is reachable through iface ipc0.
Otherwise the ROUTE target can't figure out whether the destination
is on-link or gateway'ed.

Try with something like this :
  ip -f inet6 route add 2001:688:1fa1:2:204:75ff:fee8:52fd dev eth0

Same remark applies for case 3).

Cedric

next prev parent reply	other threads:[~2003-12-02  8:02 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-12-01 15:22 ROUTE and source IPv6 routing - how ? Pawel Hadam
2003-12-01 16:01 ` patch nth, load balancing Fabrice Grelaud
2003-12-02  8:02 ` Cedric de Launois [this message]
2003-12-02  9:35   ` ROUTE and source IPv6 routing - how ? Andrea Iacopini
2003-12-02 10:13   ` Pawel Hadam
2003-12-02 10:42     ` Cedric de Launois
2003-12-02 10:50       ` Pawel Hadam

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1070352120.1383.9.camel@descartes \
    --to=delaunois@info.ucl.ac.be \
    --cc=Pawel.Hadam@imag.fr \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox