Re: Do Routing-policies have effect on local-originated packets?

Andi Kleen (ak@muc.de)
Thu, 23 Dec 1999 12:14:12 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jamie Lokier: "Re: [patch] 2.3.35pre3: Don't reset parallel port devs at init"
Previous message: Marek Habersack: "Re: Bloat? (khttpd)"

On Thu, Dec 23, 1999 at 11:31:43AM +0100, Florian Heinz wrote:
> Andi Kleen wrote:
> >
> > adsmail@htl.de (Andreas Scherbaum) writes:
> > >
> > > Here's a tcpdump (sending a nameserver request to the second ip ...)
> > > $ host 192.168.0.1 192.168.0.201
> > >
> > > # tcpdump -p -i eth1:
> > > 18:13:59.988575 192.168.0.15.1128 > 192.168.0.201.domain: 34740+ (28)
> > > 18:14:00.036535 192.168.0.15.1128 > 192.168.0.201.domain: 34741+ (28)
> > >
> > > # tcpdump -p -i eth0:
> > > 18:14:09.514938 192.168.0.201.domain > 192.168.0.15.1128: 16413 1/3/3
> > > (161)
> > > 18:14:09.570556 192.168.0.201.domain > 192.168.0.15.1128: 16414 0/1/0
> > > (81)
> > >
> > > Why is the kernel sending this packages trough the first interface and
> > > how can i change it to using the right interface?
> >
> > Because the kernel does not know that the incoming packet and the outgoing
> > packet are in any way related (UDP has no connection between packets, it
> > is all in above layers if at all). The routing table doesn't say anything
> > about it. So the only way to get the semantics you want is to change bind
> > to receive the incoming interface with the IP_PKTINFO cmsg, look at the
> > ipi_ifindex and set it for outgoing packets on the same conversation to the
> > same interface.
>
> But why is this relevant for policy-routing? The kernel sees: the local
> packet has source-ip e.g. 192.168.0.2, then he looks at the rules...
> rules say sth like: "from 192.168.0.2 table 20", and table 20 says route
> through eth2
> or the source-ip is 192.168.0.3... rules say "from 192.168.0.3 table
> 30", table 30 says route through eth3

He was talking about locally generated packets. If the packets have
different source addresses that is no problem of course. For forwarded
packets they probably have. For locally generally packets when the
application does not do an explicit bind(2) the kernel automagically choses
an appropiate interface, which is usually the first that makes sense.
Thus if you want to always answer on the same interface you would need
multiple sockets, each bound to one interface using SO_BINDTODEVICE [if you
have multiple ones with the same IP] or bind(2) [if they have at least
different IPs]. Using IP_PKTINFO is a more lightweight alternative.

As for the difference between TCP and UDP: TCP is connection oriented
and always uses the destination address of the first SYN packet as source
address. In case of having multiple interfaces with the same IP it uses
the first as usual (except when you have load balancing active of course)

-Andi

--- This is like TV. I don't like TV.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Jamie Lokier: "Re: [patch] 2.3.35pre3: Don't reset parallel port devs at init"
Previous message: Marek Habersack: "Re: Bloat? (khttpd)"