All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] mutliple default routes, rp_filter and martians
@ 2007-02-10 13:29 Brian J. Murrell
  0 siblings, 0 replies; only message in thread
From: Brian J. Murrell @ 2007-02-10 13:29 UTC (permalink / raw)
  To: lartc


[-- Attachment #1.1: Type: text/plain, Size: 1663 bytes --]

I have a theory on the cause of a problem but it is still only a theory.
I wonder if anyone here can confirm.

I have a multi-isp configuration with a multi-path default route to each
ISP, equally weighted.

I am seeing, periodically, traffic dropped due to martian detection and
errors logged on inbound traffic, but at other times, that same exact
traffic will be allowed, no errors.

My supposition is this:  If I use "ip route get <source_addr>" for the
source address that rp_filter is dropping traffic from I can see that
it's reporting that traffic to that address would use the alternate ISP
interface from the one it's being received on (and logged as a martian
and dropped).  If I continue to use ip get route on that address
eventually it will report the interface that the traffic is being
received on -- that would be the balancing feature of the multiple
paths.

I believe that during these times when ip route get is reporting the
alternate interface, the kernel would also log inbound packets from that
address as martians.  Is this the case?

To further confirm my supposition, while my gateway is dropping packets
and logging them as martians, I can install a route specifically for
that source pointing to the interface that they are being received on
and the dropping/martian logging stops and the traffic is received.

So to summarize it seems that when doing the rp_filter tests, the kernel
only uses the "current default" route and not all available default
routes when determining the reverse path.  Is this true?

Thanx,
b.

-- 
My other computer is your Microsoft Windows server.

Brian J. Murrell

[-- Attachment #1.2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

[-- Attachment #2: Type: text/plain, Size: 143 bytes --]

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2007-02-10 13:29 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-02-10 13:29 [LARTC] mutliple default routes, rp_filter and martians Brian J. Murrell

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.