lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Mon, 19 May 2008 17:42:41 +0100
From:	martin f krafft <madduck@...duck.net>
To:	netdev discussion list <netdev@...r.kernel.org>
Cc:	netconf developers list <netconf-devel@...ts.alioth.debian.org>
Subject: multiple default routes

Dear netdev wizards,

it used to be the case that adding a second default route broke
networking to the point where nothing gets routed through either of
the default routes anymore.

For a while now, I noticed that this isn't the case anymore, but
I can't isolate a behaviour that would have me believe that there's
a new default I can build on.

If I add a second default route (via a different gateway):

  default via 10.100.144.1 dev wifi 
  default via 10.11.50.5 dev tun-rw-ul 

then my old connections (via 10.11.50.5) die, new TCP connections
seem to go via 10.100.144.1, but ping does not seem to work:

when I tcpdump on iface 'any', I see e.g. two icmp echo-requests
leaving the machine and none coming back:

  $ sudo tcpdump -ni any icmp &
  $ ping -nc1 debian.org
  PING debian.org (192.25.206.10) 56(84) bytes of data.
  16:38:43.720951 IP 10.100.146.103 > 192.25.206.10: ICMP echo request, id 52285, seq 1, length 64
  16:38:43.720978 IP 10.100.146.103 > 192.25.206.10: ICMP echo request, id 52285, seq 1, length 64

  --- debian.org ping statistics ---
  1 packets transmitted, 0 received, 100% packet loss, time 0ms

If I hook tcpdump to the wifi iface, then I just get one packet
though, but still no replies.

Could someone please fill me in on the expected behaviour of Linux
2.6.18 and beyond when a second default route is added, or point me
to some documentation to read?

-- 
martin | http://madduck.net/ | http://two.sentenc.es/
 
windows 2000: designed for the internet.
the internet: designed for unix.
 
spamtraps: madduck.bogus@...duck.net

Download attachment "digital_signature_gpg.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ