ip rule cannot match based on the source IPv4 address

Brandon Zhi Brandon at huize.asia
Sun Mar 19 11:06:31 CET 2023


Hi guys,

I'm doing a "split routing table" on my router, and I'm importing routes
into specific kernel routing tables via bird.
So I'm doing some strange routing by using ip rule.

[root@archlinux ~]# ip -4 rule
0:      from all lookup local
32751:  from 134.195.121.118 lookup 101
32752:  from all iif Tanuki_IX lookup 147
32753:  from all iif ens19 lookup 147
32754:  from all iif cu_gre6 lookup 247
32755:  from all iif cu lookup 147
32756:  from all iif openvpn_stuix.5 lookup 247
32757:  from all iif openvpn_stuix lookup 147
32758:  from all iif openvpn_c1v lookup 147
32759:  from all iif openvpn_c1v.5 lookup 247
32760:  from all iif openvpn_Eric.5 lookup 247
32761:  from all iif openvpn_Eric lookup 147
32762:  from all iif ll-ix lookup 147
32763:  from all iif ll-ix_gre6 lookup 247
32764:  from all iif KSKB lookup 147
32765:  from all iif KSKB_gre6 lookup 247
32766:  from all lookup main
32767:  from all lookup default

As you can see, IPv4 traffic from 134.195.121.118/32 will use table 101, which
only contains:

[root@archlinux ~]# ip -4 route show table 101
default via 33.0.0.6 dev openvpn_Eric
[root@archlinux ~]#

When I run mtr to 8.8.8.8, it still uses the main route table, NOT table 101,
which does not follow the ip rule.

[root@archlinux ~]# mtr -a 134.195.121.118 8.8.8.8

[root@archlinux ~]# tcpdump -i any host 134.195.121.118
tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length
262144 bytes
13:30:11.991460 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33008, length 44
13:30:11.998947 openvpn_Eric Out IP archlinux.palace-2 >
172.17.0.1.palace-2: UDP, length 28
13:30:11.999059 openvpn_Eric Out IP archlinux.33915 > 172.17.0.1.palace-2:
UDP, length 28
13:30:11.999384 openvpn_Eric Out IP archlinux.27004 > 172.17.0.1.palace-2:
UDP, length 28
13:30:12.006020 openvpn_Eric Out IP archlinux.palace-2 >
59.200.0.1.palace-2: UDP, length 28
13:30:12.006096 openvpn_Eric Out IP archlinux.33915 > 59.200.0.1.palace-2:
UDP, length 28
13:30:12.006136 openvpn_Eric Out IP archlinux.27004 > 59.200.0.1.palace-2:
UDP, length 28
13:30:12.017489 openvpn_Eric Out IP archlinux.palace-2 >
208.99.49.1.palace-2: UDP, length 28
13:30:12.017628 openvpn_Eric Out IP archlinux.33915 > 208.99.49.1.palace-2:
UDP, length 28
13:30:12.017650 openvpn_Eric Out IP archlinux.27004 > 208.99.49.1.palace-2:
UDP, length 28
13:30:12.023034 openvpn_Eric Out IP archlinux.palace-2 >
172.23.89.1.palace-2: UDP, length 28
13:30:12.023147 openvpn_Eric Out IP archlinux.33915 > 172.23.89.1.palace-2:
UDP, length 28
13:30:12.023202 openvpn_Eric Out IP archlinux.27004 > 172.23.89.1.palace-2:
UDP, length 28
13:30:12.027182 openvpn_Eric Out IP archlinux.palace-2 > 172.17.0.1.24452:
UDP, length 28
13:30:12.027203 openvpn_Eric Out IP archlinux.33915 > 172.17.0.1.24452:
UDP, length 28
13:30:12.027212 openvpn_Eric Out IP archlinux.27004 > 172.17.0.1.24452:
UDP, length 28
13:30:12.031218 openvpn_Eric Out IP archlinux.palace-2 > 59.200.0.1.24452:
UDP, length 28
13:30:12.031235 openvpn_Eric Out IP archlinux.33915 > 59.200.0.1.24452:
UDP, length 28
13:30:12.031243 openvpn_Eric Out IP archlinux.27004 > 59.200.0.1.24452:
UDP, length 28
13:30:12.036170 openvpn_Eric Out IP archlinux.palace-2 > 208.99.49.1.24452:
UDP, length 28
13:30:12.036192 openvpn_Eric Out IP archlinux.33915 > 208.99.49.1.24452:
UDP, length 28
13:30:12.036200 openvpn_Eric Out IP archlinux.27004 > 208.99.49.1.24452:
UDP, length 28
13:30:12.040852 openvpn_Eric Out IP archlinux.palace-2 > 172.23.89.1.24452:
UDP, length 28
13:30:12.040873 openvpn_Eric Out IP archlinux.33915 > 172.23.89.1.24452:
UDP, length 28
13:30:12.040881 openvpn_Eric Out IP archlinux.27004 > 172.23.89.1.24452:
UDP, length 28
13:30:12.046089 openvpn_Eric Out IP archlinux.palace-2 > 172.17.0.1.24453:
UDP, length 28
13:30:12.046119 openvpn_Eric Out IP archlinux.33915 > 172.17.0.1.24453:
UDP, length 28
13:30:12.046138 openvpn_Eric Out IP archlinux.27004 > 172.17.0.1.24453:
UDP, length 28
13:30:12.051427 openvpn_Eric Out IP archlinux.palace-2 > 59.200.0.1.24453:
UDP, length 28
13:30:12.051453 openvpn_Eric Out IP archlinux.33915 > 59.200.0.1.24453:
UDP, length 28
13:30:12.051467 openvpn_Eric Out IP archlinux.27004 > 59.200.0.1.24453:
UDP, length 28
13:30:12.055046 openvpn_Eric Out IP archlinux.palace-2 > 208.99.49.1.24453:
UDP, length 28
13:30:12.055075 openvpn_Eric Out IP archlinux.33915 > 208.99.49.1.24453:
UDP, length 28
13:30:12.055085 openvpn_Eric Out IP archlinux.27004 > 208.99.49.1.24453:
UDP, length 28
13:30:12.058847 openvpn_Eric Out IP archlinux.palace-2 > 172.23.89.1.24453:
UDP, length 28
13:30:12.058874 openvpn_Eric Out IP archlinux.33915 > 172.23.89.1.24453:
UDP, length 28
13:30:12.058886 openvpn_Eric Out IP archlinux.27004 > 172.23.89.1.24453:
UDP, length 28
13:30:12.091913 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33009, length 44
13:30:12.096047 openvpn_Eric Out IP archlinux.palace-2 >
7.254.0.1.palace-2: UDP, length 28
13:30:12.096081 openvpn_Eric Out IP archlinux.33915 > 7.254.0.1.palace-2:
UDP, length 28
13:30:12.096092 openvpn_Eric Out IP archlinux.27004 > 7.254.0.1.palace-2:
UDP, length 28
13:30:12.101389 openvpn_Eric Out IP archlinux.palace-2 > 7.254.0.1.24452:
UDP, length 28
13:30:12.101409 openvpn_Eric Out IP archlinux.33915 > 7.254.0.1.24452: UDP,
length 28
13:30:12.101422 openvpn_Eric Out IP archlinux.27004 > 7.254.0.1.24452: UDP,
length 28
13:30:12.192666 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33010, length 44
13:30:12.293006 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33011, length 44
13:30:12.393416 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33012, length 44
13:30:12.494029 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33013, length 44
13:30:12.607660 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33014, length 44
13:30:12.679414 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33015, length 44
13:30:12.966665 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33019, length 44
13:30:13.039053 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33020, length 44
13:30:14.045371 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33034, length 44
13:30:14.116878 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33035, length 44
13:30:14.188702 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33036, length 44
13:30:14.260455 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33037, length 44
13:30:14.332277 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33038, length 44
13:30:14.404019 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33039, length 44
13:30:14.475861 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33040, length 44
13:30:14.547705 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33041, length 44
13:30:14.619529 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33042, length 44
13:30:14.691361 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33043, length 44
13:30:14.763157 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33044, length 44
13:30:14.834959 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33045, length 44
13:30:14.906978 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33046, length 44
13:30:14.978577 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33047, length 44
13:30:15.050371 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33048, length 44
13:30:15.122227 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33049, length 44
13:30:15.193915 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33050, length 44
13:30:15.265629 ens18 Out IP archlinux > dns.google: ICMP echo request, id
65299, seq 33051, length 44
13:30:15.325557 openvpn_Eric Out IP archlinux.palace-2 >
root-mia-01.zerotier.com.palace-2: UDP, length 137
13:30:15.325578 openvpn_Eric Out IP archlinux.33915 >
root-mia-01.zerotier.com.palace-2: UDP, length 137
13:30:15.325586 openvpn_Eric Out IP archlinux.27004 >
root-mia-01.zerotier.com.palace-2: UDP, length 137
13:30:15.328638 openvpn_Eric Out IP archlinux.palace-2 >
root-zrh-01.zerotier.com.palace-2: UDP, length 137
13:30:15.328657 openvpn_Eric Out IP archlinux.33915 >
root-zrh-01.zerotier.com.palace-2: UDP, length 137
13:30:15.328667 openvpn_Eric Out IP archlinux.27004 >
root-zrh-01.zerotier.com.palace-2: UDP, length 137
13:30:15.329981 openvpn_Eric Out IP archlinux.palace-2 >
root-sgp-01.zerotier.com.palace-2: UDP, length 137
13:30:15.329998 openvpn_Eric Out IP archlinux.33915 >
root-sgp-01.zerotier.com.palace-2: UDP, length 137
13:30:15.330007 openvpn_Eric Out IP archlinux.27004 >
root-sgp-01.zerotier.com.palace-2: UDP, length 137
13:30:15.332916 openvpn_Eric Out IP archlinux.palace-2 >
104.194.8.134.palace-2: UDP, length 137
13:30:15.332934 openvpn_Eric Out IP archlinux.33915 >
104.194.8.134.palace-2: UDP, length 137
13:30:15.332941 openvpn_Eric Out IP archlinux.27004 >
104.194.8.134.palace-2: UDP, length 137

As you can see, the packets are still using the default route table, not table
101.

This also happens on Debian, and I think it's a problem with Linux, not just
ArchLinux. I also tested ip -6 rule add from some IPv6 address table 101. It
works normally; that is to say, there is a matching problem with IPv4 in
ip rule, but this phenomenon does not exist in IPv6.

Best,
*Brandon Zhi*
HUIZE LTD
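
The rule ordering the post relies on, as an added example that is not part of the original message: a small model of how the rule list is walked (lowest priority number first, falling through when the selected table has no matching route). The names parse_rules, select_table and TABLES_WITH_ROUTE are hypothetical, the table contents are a constructed stand-in, and "lo" is used as the incoming interface for locally originated packets.

```python
import ipaddress
import re

# Abridged from the `ip -4 rule` listing in the post: the source rule,
# two of the iif rules, and the catch-all rules.
RULES_TEXT = """\
0:      from all lookup local
32751:  from 134.195.121.118 lookup 101
32752:  from all iif Tanuki_IX lookup 147
32761:  from all iif openvpn_Eric lookup 147
32766:  from all lookup main
32767:  from all lookup default
"""

# Constructed stand-in for table contents: tables assumed to hold a route
# covering the destination under test (8.8.8.8).
TABLES_WITH_ROUTE = {"101", "main"}

RULE_RE = re.compile(r"^(\d+):\s+from (\S+)(?: iif (\S+))? lookup (\S+)$")

def parse_rules(text):
    """Parse `ip rule` lines into (priority, source network or None, iif or None, table)."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        prio, src, iif, table = m.groups()
        net = None if src == "all" else ipaddress.ip_network(src)
        rules.append((int(prio), net, iif, table))
    return sorted(rules, key=lambda r: r[0])

def select_table(rules, src, iif, tables_with_route):
    """Return (priority, table) for the first matching rule whose table has a route."""
    addr = ipaddress.ip_address(src)
    for prio, net, rule_iif, table in rules:
        if net is not None and addr not in net:
            continue  # source selector does not match
        if rule_iif is not None and rule_iif != iif:
            continue  # packet did not arrive on this interface
        if table in tables_with_route:
            return prio, table  # route found, lookup stops here
    return None

if __name__ == "__main__":
    rules = parse_rules(RULES_TEXT)
    print(select_table(rules, "134.195.121.118", "lo", TABLES_WITH_ROUTE))
```

On the router itself, ip route get 8.8.8.8 from 134.195.121.118 reports the kernel's actual decision, which can be compared against the table this model selects.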
