iproute2: removing primary address removes secondaries
Dear list, When I add an address to an interface whose network prefix is the same as that of an address already bound to the interface, the new address becomes a secondary address. As per http://www.policyrouting.org/iproute2.doc.html: secondary --- this address is not used when selecting the default source address for outgoing packets. An IP address becomes secondary if another address within the same prefix (network) already exists. The first address within the prefix is primary and is the tag address for the group of all the secondary addresses. When the primary address is deleted all of the secondaries are purged too. In the following, I want to argue that this is not necessary. I think that removal of a primary address should cause the next address to be promoted to be the default source address and the link-scoped route to be retained. This is basically out of http://bugs.debian.org/429689, the maintainer asked me to turn directly to this list. If I add an address to a device with 'ip add', ip also implicitly adds a link-scoped route according to the netmask. It only does this for primary addresses, so if I add a second address within the same network, the route is not duplicated. Thus, the net effect on the routing table is the same for the following two commands: ip a a 172.16.0.100/12 dev eth0 ip a a 172.16.0.200/12 dev eth0 ip a a 172.16.0.100/12 dev eth0 ip a a 172.16.0.200/32 dev eth0 In the first case, the .200 address becomes a secondary of the .100 address. In the second case, they are both primaries. In both cases, only one /12 link-scoped route will be created. However, in both cases, if I remove the .100 address, the .200 is affected: if it's secondary, it ceases to exist, and if it's primary (i.e. in the /32 case), then the host can no longer use it to communicate to hosts in the same link segment, only to hosts on the other side of the default gateway. I thus question the point of purging secondary addresses. Obviously, only one address can be primary (it is used as source address for packets leaving the machine by the respective route). But if the primary address is removed, the next secondary should be promoted and the route should *not* be deleted. Comments? Cheers, -- martin | http://madduck.net/ | http://two.sentenc.es/ microsoft: for when quality, reliability, and security just aren't that important! spamtraps: [EMAIL PROTECTED] digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
why does promote_secondaries default to off? (was: iproute2: removing primary address removes secondaries)
also sprach Daniel Lezcano [EMAIL PROTECTED] [2008.01.11.1813 +0100]: There is a tweak in /proc/sys which activate secondaries promotion when a primary is deleted. /proc/sys/net/ipv4/conf/all/promote_secondaries I think it changes the behavior to the one you wish. Totally. That would have been the last place I had looked. Thank you! Do you have any idea why this isn't on by default? -- martin | http://madduck.net/ | http://two.sentenc.es/ i never go without my dinner. no one ever does, except vegetarians and people like that. -- oscar wilde spamtraps: [EMAIL PROTECTED] digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
Re: iproute2: removing primary address removes secondaries
martin f krafft wrote: Dear list, When I add an address to an interface whose network prefix is the same as that of an address already bound to the interface, the new address becomes a secondary address. As per http://www.policyrouting.org/iproute2.doc.html: secondary --- this address is not used when selecting the default source address for outgoing packets. An IP address becomes secondary if another address within the same prefix (network) already exists. The first address within the prefix is primary and is the tag address for the group of all the secondary addresses. When the primary address is deleted all of the secondaries are purged too. In the following, I want to argue that this is not necessary. I think that removal of a primary address should cause the next address to be promoted to be the default source address and the link-scoped route to be retained. This is basically out of http://bugs.debian.org/429689, the maintainer asked me to turn directly to this list. If I add an address to a device with 'ip add', ip also implicitly adds a link-scoped route according to the netmask. It only does this for primary addresses, so if I add a second address within the same network, the route is not duplicated. Thus, the net effect on the routing table is the same for the following two commands: ip a a 172.16.0.100/12 dev eth0 ip a a 172.16.0.200/12 dev eth0 ip a a 172.16.0.100/12 dev eth0 ip a a 172.16.0.200/32 dev eth0 In the first case, the .200 address becomes a secondary of the .100 address. In the second case, they are both primaries. In both cases, only one /12 link-scoped route will be created. However, in both cases, if I remove the .100 address, the .200 is affected: if it's secondary, it ceases to exist, and if it's primary (i.e. in the /32 case), then the host can no longer use it to communicate to hosts in the same link segment, only to hosts on the other side of the default gateway. I thus question the point of purging secondary addresses. Obviously, only one address can be primary (it is used as source address for packets leaving the machine by the respective route). But if the primary address is removed, the next secondary should be promoted and the route should *not* be deleted. Comments? Cheers, There is a tweak in /proc/sys which activate secondaries promotion when a primary is deleted. /proc/sys/net/ipv4/conf/all/promote_secondaries I think it changes the behavior to the one you wish. Regards -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: iproute2: removing primary address removes secondaries
echo 1 /proc/sys/net/ipv4/conf/all/promote_secondaries -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
