Re: Packets go to the wrong interface (no source address checking?)

Sjors Gielen wrote:
...
So I wanted two IP's in the machine; I have Hamachi running two times
and I have two interfaces now, ham0 and ham1. There are also two routes:

Destination Gateway Genmask Flags Metric Ref Use Iface
5.0.0.0 * 255.0.0.0 U 0 0 0 ham0
5.0.0.0 * 255.0.0.0 U 0 0 0 ham1

When I ping the ham0 IP, I get a response, everything is OK. However,
when I ping ham1, I get no response. I think this is because the kernel
wants to reply to me, 5.187.x.y, and sees the first route for ham0 in
the route list; but then the driver (or tun/tap) sees the source address
is wrong and refuses to send the packet.

Is this diagnosis true? How would I solve something like this? ...

"Normal" routing does not select routes based on the source address in
outgoing packets. You need "advancing routing" for that. See the
"ip rule" option of the "ip" command.


Here's _part_ of an /etc/ppp/ip-up.d/ script I use to send certain packets
out one interface (ppp0) even though the default route goes out a different
interface (eth0):


ppp_addr="$4"
ppp_peer="$5"

# add rule to match source address, send to new table
ip rule add from "${ppp_addr}" pref 100 table 100

# in new table, send out second interface
ip route add default table 100 proto static via "${ppp_peer}" dev ppp0


(The table number is arbitrary, as long as it doesn't conflict with an
existing table. I used the same number for table number and the "pref" number
to indicate that the table and the rule are associated.)


Daniel
--
(Plain text sometimes corrupted to HTML "courtesy" of Microsoft Exchange.) [F]


Relevant Pages

  • Re: Cant send packets via WiFi (possibly route issue)
    ... I think that this WiFi device should route all ... it should *all* be routed to the eth1 interface. ... Wireless is much like a point-to-point link using ... The connection between the two networks is the "Wifi AP". ...
    (comp.os.linux.networking)
  • RE: Running public IPs inside an RFC 1597 network
    ... > I'm running a typical Class C RFC 1597 network in my lab. ... know or care if we humans designate a subnet as public or private. ... is the absolute most general route there is for a machine. ... In a correctly configured system when you define an interface, ...
    (freebsd-questions)
  • Equal cost paths from separate OSPF Processes
    ... the network statements are valid in all OSPF processes. ... interface Serial0.300 point-to-point ... router#sh ip route ospf ... connected, includes subnets in redistribution ...
    (comp.dcom.sys.cisco)
  • Re: [patch] Problem with two NIC on same NET (in_scrubprefix: err=17, new prefix add failed)
    ... route) is going down, then the network route is replaced by network ... route of the other interface and everything is OK. ... So, at least, a loopback route is installed ...     I need to run some tests on your patch, but keep in mind the LLE_STATIC is sort overloaded ...
    (freebsd-current)
  • Re: panic in rt_check_fib()
    ... It dropped a the lock on one route while it went off an did something ... then brings up the wired interface of my laptop. ... echo '## Bringing up network interface.' ... With your version of rt_check_fibI have no panics so far. ...
    (freebsd-current)