[OpenWrt-Devel] [PATCH netifd 2/6] iprule: Insert network and address ip rules before main table lookup rule
kristian.evensen at gmail.com
Wed Sep 23 05:52:44 EDT 2015
Sorry about partial reply, clumsy fingers.
On Wed, Sep 23, 2015 at 11:31 AM, Hans Dedecker <dedeckeh at gmail.com> wrote:
> Can you share the uci network config and ifstatus of the different
> interfaces ?
UCI config is nothing more than ... proto dhcp ... ip4/ip6table X
>> I don't see any other fix than a partial revert. I guess the ADDR-rule can
> Is the service hosted on the multihomed router or on a lan device; nat
> involved or not ?
The current service I am access is a router located on one of the
> It seems odd to me if the service is hosted on the gateway the nw rule is
> hit as the local table lookup has pref 1 while the NW policy rules start
> from 20000
The route that needs to be hit is contained in main. Here is a more
detailed description of what happens.
- External router has IP 192.168.0.1 and netmask 255.255.255.0.
- When I try to access this router, outgoing traffic is routed
correctly as it does not match any source rules and hit the network
rule in the main table (192.168.0.0/24 dev X src Y).
- When the reply comes, problem occurs. Since the network rule is
checked before the main table, we get a match on the "from
192.168.0.0/24"-rule and packet is routed back out on the
192.168.0.0/24 interface. The correct route (i.e., the route for my
local network) is in the main table.
I have a question about this patch. In what scenario is it needed? Or
rather, will you ever use source based routing and have a default
route in the main table? As far as I remember, these rules are only
added when you have specified an ip4/ip6table. Or do you have one
interface without an ipXtable value?
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel