From: VARUN BHATIA <varuninbharti@gmail.com>
To: linux-sctp@vger.kernel.org
Subject: Re: SCTP Multihoming Always sending primary interface ip I
Date: Wed, 08 Oct 2014 07:19:04 +0000 [thread overview]
Message-ID: <CAFi7Gby_=usyMc4fs3JzP1ZnTfL5wnkvc_Y5OCkNx81DiD6BRA@mail.gmail.com> (raw)
In-Reply-To: <CAFi7Gbw8e8_y-fmMNPW482os9gq+Y+psf6XyJaq1jm1_1UJt0A@mail.gmail.com>
Hi,
I have made some changes in routing and it seems started working but
having some doubts in that:
ip route add 10.204.200.200 dev eth2 src 10.204.100.100
ip route add 10.205.200.200 dev eth3 src 10.205.100.100
1. My all the ips are plumbed interfaces so whether it is required to
provide precise dev such as eth2:3 or eth3:2 ?
2. After adding this routing I am expecting symmetric routing that is
primary<->primary & secondary<->secondary, but my peer supports
assymetric also such as it secondary sends packet to my primary too,
how should that part be handled ?
Thanks,
Varun
On Tue, Oct 7, 2014 at 1:02 PM, VARUN BHATIA <varuninbharti@gmail.com> wrote:
> Hi Vlad,
>
> For clearing this doubt I created a rule in raw table that it should
> bypass my netfilter module but the issue is still coming:
>
> iptables -t raw -I PREROUTING -i eth3 -j CT --notrack
> iptables -t raw -I PREROUTING -i eth2 -j CT --notrack
>
> Where eth2 is my primary interface.
>
> Thanks,
> Varun
>
> On Fri, Oct 3, 2014 at 8:24 PM, Vlad Yasevich <vyasevich@gmail.com> wrote:
>> On 10/01/2014 09:58 AM, VARUN BHATIA wrote:
>>> Hi,
>>>
>>> They both are on different subnets one is on 10.204 & other o 10.205.
>>>
>>> Kindly let me know what route will be required for this as I am still
>>> stuck in this issue.
>>>
>>
>> If I had to guess, there is some kind of issue in nat/iptables handling....
>>
>> Any change you try without iptables?
>>
>> -vlad
>>
>>> Thanks,
>>> Varun
>>>
>>> On Thu, Sep 25, 2014 at 6:06 PM, Neil Horman <nhorman@tuxdriver.com> wrote:
>>>> On Thu, Sep 25, 2014 at 03:53:13PM +0530, VARUN BHATIA wrote:
>>>>> The mask kept is /16, I placed wrong information correcting it:
>>>>>
>>>>> Host A Host B
>>>>> Primary 10.204.200.200 10.204.100.100
>>>>> Secondary 10.205.200.200 10.205.100.100
>>>>>
>>>>> We are having our customized linux.
>>>>>
>>>>> ip neigh list
>>>>> fe80::224:13ff:fe45:ced4 dev eth3 lladdr 00:24:13:45:ce:d4 router STALE
>>>>> fe80::224:13ff:fe45:ced5 dev eth0 lladdr 00:24:13:45:ce:d5 router STALE
>>>>> 10.205.100.100 dev eth3 lladdr 00:0b:ab:55:57:01 REACHABLE
>>>>>
>>>>> I tried for a workaround and played with nat rules:
>>>>>
>>>>> iptables -t nat -I POSTROUTING -o eth2 -d 10.204.100.100 -j SNAT -p
>>>>> sctp --to 10.204.200.200
>>>>> iptables -t nat -I POSTROUTING -o eth3 -d 10.205.100.100 -j SNAT -p
>>>>> sctp --to 10.205.200.200
>>>>>
>>>>> After this it started working though it is not the correct solution,
>>>>> but yet after this it seems due to some conntrack table entries when I
>>>>> receive request from peer end it is not working proparly:
>>>>>
>>>>> 3.484280 10.205.200.200 -> 10.205.100.100 SCTP 98 INIT
>>>>> 3.488652 10.205.100.100 -> 10.205.200.200 SCTP 354 INIT_ACK
>>>>> 3.488706 10.205.200.200 -> 10.205.100.100 SCTP 310 COOKIE_ECHO
>>>>> 3.488923 10.205.100.100 -> 10.205.200.200 SCTP 60 COOKIE_ACK
>>>>>
>>>>> 3.497282 10.205.200.200 -> 10.205.100.100 SCTP 62 SACK
>>>>>
>>>>> 6.512476 10.205.100.100 -> 10.205.200.200 SCTP 98 INIT
>>>>> 6.512575 10.204.200.200 -> 10.205.100.100 SCTP 354 INIT_ACK
>>>>>
>>>>> 21.240776 10.205.100.100 -> 10.205.200.200 SCTP 310 COOKIE_ECHO
>>>>> 21.240866 10.204.200.200 -> 10.205.100.100 SCTP 50 COOKIE_ACK
>>>>> 21.242183 10.205.100.100 -> 10.205.200.200 SCTP 60 SHUTDOWN
>>>>> 21.242237 10.205.200.200 -> 10.205.100.100 SCTP 50 SHUTDOWN_ACK
>>>>> 21.242353 10.205.100.100 -> 10.205.200.200 SCTP 60 SHUTDOWN_COMPLETE
>>>>>
>>>>> When peer end sends INIT my box again send INIT_ACK using primary ip
>>>>> address simlarly for COOKIE_ACK also, but SHUTDOWN ACK it is sending
>>>>> correct.
>>>>>
>>>>> Not sure what I am missing here, kindly provide your inputs on this ?
>>>>>
>>>>> Thanks,
>>>>> Varun
>>>>>
>>>>
>>>> This is working as designed. Since both your host addresses are on the same
>>>> subnet, and since ip addresses are owned by the system in linux, not the
>>>> interface, its not really relevant which source address is used. If you want to
>>>> force source ip addresses to be used for the interface you are sending from,
>>>> you'll want to add higher priority routes that specify the src address.
>>>>
>>>> Neil
>>>>
>>>
>>>
>>>
>>
>
>
>
> --
> Regards,
> Varun Bhatia
--
Regards,
Varun Bhatia
next prev parent reply other threads:[~2014-10-08 7:19 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-24 12:56 SCTP Multihoming Always sending primary interface ip I VARUN BHATIA
2014-09-24 13:06 ` Vlad Yasevich
2014-09-24 15:54 ` Varun Bhatia
2014-09-24 16:33 ` Vlad Yasevich
2014-09-24 17:38 ` VARUN BHATIA
2014-09-24 18:22 ` Vlad Yasevich
2014-09-25 10:35 ` VARUN BHATIA
2014-09-25 12:36 ` Neil Horman
2014-10-01 13:58 ` VARUN BHATIA
2014-10-03 13:24 ` Neil Horman
2014-10-03 14:54 ` Vlad Yasevich
2014-10-07 7:44 ` VARUN BHATIA
2014-10-08 7:19 ` VARUN BHATIA [this message]
2014-10-08 13:17 ` Neil Horman
2014-10-13 13:38 ` VARUN BHATIA
2014-10-14 9:08 ` Vladislav Yasevich
2014-10-14 13:14 ` VARUN BHATIA
2014-10-20 13:10 ` Neil Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFi7Gby_=usyMc4fs3JzP1ZnTfL5wnkvc_Y5OCkNx81DiD6BRA@mail.gmail.com' \
--to=varuninbharti@gmail.com \
--cc=linux-sctp@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.