Re: Kernel Routing sequence

From: Henrik Nordstrom
Date: Mon Aug 15 2005 - 04:39:00 EST


On Fri, 12 Aug 2005, Al Boldi wrote:

Recap:

ip route list:
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.1
10.0.1.0/24 dev eth1 proto kernel scope link src 10.0.1.1
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.1
127.0.0.0/8 dev lo scope link

ip route list match 10.0.1.2:
10.0.1.0/24 dev eth1 proto kernel scope link src 10.0.1.1
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.1

ip route list match 10.0.1.2/8:
10.0.0.0/8 dev eth0 proto kernel scope link src 10.0.0.1

Which is correct even if confusing as dst lookup of 10.0.1.2/8 is a lookup of dst 10.0.0.0 from the simple fact that IP addresses does not have netmasks, only networks do.

Now:
Host receives ping from 10.0.1.2/8 on 10.0.0.0/8 eth0
Host replies to 10.0.1.2 using route 10.0.1.0/24 eth1.

Which is also correct given the above routing and interface configuration.

Host should have replied to 10.0.1.2 using route 10.0.0.0/8 eth0!

No, as according to your host configuration 10.0.1.0/24 (10.0.1.0-10.0.1.255) is on eth1, not eth0.

Is it possible to instruct the Kernel to use the dest-mask instead of
just letting it assume /32?

What you mean here? Your kernel is told that 10.0.1.0/24 is on eth1, and the destination is in that network.

The packet received only had the addressing ICMP ECHO REQUEST from 10.0.1.2 to 10.0.0.1 seen on eth0. It then constructs a ICMP ECHO RESPONSE from 10.0.0.1 to 10.0.1.2 and routes this according to your routing table which says the packet should be sent out on eth1.

IP addresses are just IP addresses, not address + mask. The mask size of addresses is not relevant to the address, what is relevant is the destination routes you have which clearly says that 10.0.1.x/24 (10.0.1.0-10.0.1.255) is on the network connected to eth1, and the rest of 10.x/8 is on eth0.

If the 10.0.1.0/24 network is not on eth1 then don't configure eth1 in this manner.

If you really want eth1 to be configured with address 10.0.1.1 but not actually connected to the network where the stations with addresses 10.0.1.2-10.0.1.254 are connected then configure the interface with a /32 netmask. But in this case you could just as well disconnect the interface and add 10.0.1.1/32 as an alias to eth0 which will do just the same.

It all boils down to what the purpose of your eth1 interface is in this configuration, and why it is configured with 10.0.1.1/24 network address? By configuring this interface with the network 10.0.1.0/24 the addresses 10.0.1.0-10.0.1.255 can not be used in any other network connected to your host. IP quite strongly defines that one IP address must only be used on a single station within the same routed network (in your case eth0 + eth1).

Regards
Henrik

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html