Hello.
I'm using chrony on a Linux router which has multiple addresses, BGP and thus such scenario happens: - packet comes in from IP address A via eth1.25 interface to B ipaddress where chronyd listens - chronyd wants to respond and forces eth1.25 interface - BUT route to IP A network in kernel routing table is via eth1.15 interface (preferred route set by BGP daemon). End result is that sendmsg() is called with A IP (which is ok) and eth1.25 interface (which should work IMO but kernel doesn't send out the packet). sendmsg(5, {msg_name={sa_family=AF_INET, sin_port=htons(45794), sin_addr=inet_addr("... A ...")}, msg_namelen=16, msg_iov=[{iov_base="$\3\4\355\0\0\4\253\0\0\3\210[\324\362\25\342Rv\267\td\t\373\342Rv\311\n\304`\356\342Rv\311\f\3054,\342Rv\311\r\0306z", iov_len=48}], msg_iovlen=1, msg_control=[{cmsg_len=24, cmsg_level=SOL_IP, cmsg_type=IP_PKTINFO, cmsg_data={ipi_ifindex=if_nametoindex("eth1.25"), ipi_spec_dst=inet_addr("one_of_my_local_ips"), ipi_addr=inet_addr("0.0.0.0")}}], msg_controllen=24, msg_flags=0}, 0) = 48 According to tcpdump kernel 5.4.35 doesn't send such UDP packet via any interface. My guess is that kernel sees that route to A network is via eth1.15 and thus discard such eth1.25 request somehow. If I force eth1.15 interface: ipi->ipi_ifindex = if_nametoindex("eth1.15"); (instead of current ipi->ipi_ifindex = local_addr->if_index;) then replies go out correctly and tcpdump sees these. Now why kernel discards such sendmsg() without immediate error - no idea. Bisecting shows commit below but commit log doesn't explain what's the case when wrong interface being used (despite correct src address being selected). 5fc7674e366fa1bfda162bdaba57243cff0a55a7 is the first bad commit commit 5fc7674e366fa1bfda162bdaba57243cff0a55a7 Author: Miroslav Lichvar <mlich...@redhat.com> Date: Wed Aug 29 10:56:14 2018 +0200 ntp: set interface index in IP*_PKTINFO when responding When a server with multiple interfaces in the same network is sending a response, setting the ipi_spec_dst/ipi6_addr field of the IP*_PKTINFO control message selects the source address, but not necessarily the interface. The packet has the expected source address, but it may be sent by an interface that doesn't have the address. Set the ipi_ifindex/ipi6_ifindex field to respond on the same interface as the request was received from to avoid asymmetries in delay and timestamping. ntp_io.c | 4 ++++ 1 file changed, 4 insertions(+) -- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org ) -- To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject. For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the subject. Trouble? Email listmas...@chrony.tuxfamily.org.