On Wed, Sep 23, 2015 at 11:52 AM, Kristian Evensen < [email protected]> wrote:
> Sorry about partial reply, clumsy fingers. > > On Wed, Sep 23, 2015 at 11:31 AM, Hans Dedecker <[email protected]> > wrote: > > Can you share the uci network config and ifstatus of the different > > interfaces ? > > UCI config is nothing more than ... proto dhcp ... ip4/ip6table X > > >> > >> > >> I don't see any other fix than a partial revert. I guess the ADDR-rule > can > >> stay. > > > > Is the service hosted on the multihomed router or on a lan device; nat > > involved or not ? > > The current service I am access is a router located on one of the > external networks. > > > It seems odd to me if the service is hosted on the gateway the nw rule is > > hit as the local table lookup has pref 1 while the NW policy rules start > > from 20000 > > The route that needs to be hit is contained in main. Here is a more > detailed description of what happens. > > - External router has IP 192.168.0.1 and netmask 255.255.255.0. > - When I try to access this router, outgoing traffic is routed > correctly as it does not match any source rules and hit the network > rule in the main table (192.168.0.0/24 dev X src Y). > - When the reply comes, problem occurs. Since the network rule is > checked before the main table, we get a match on the "from > 192.168.0.0/24"-rule and packet is routed back out on the > 192.168.0.0/24 interface. The correct route (i.e., the route for my > local network) is in the main table. > Ah ok I see the issue; traffic coming from behind the gateway and targeted to a direct connected device on the wan is impacted. > > I have a question about this patch. In what scenario is it needed? Or > rather, will you ever use source based routing and have a default route in the main table? As far as I remember, these rules are only Indeed we're using source based routing in combination with a default route in the main routing table; even the specific routing table(s) can contain a default route Based on the addr rule the traffic is guided to a specific routing table so it leaves on the correct interface Hans > added when you have specified an ip4/ip6table. Or do you have one interface without an ipXtable value? > > -Kristian >
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
