Source address selection for transit-router with "blackholed" linknet
oskar at cetex.se
Thu Nov 13 23:06:25 CET 2014
Hi!
I'm working on getting a few Linux routers with bird up and running and
I'm wondering: Is there any way to influence source-address selection
for the routes installed by bird? (How do other bird users handle this?
I guess I'm not alone?)
We have a transit from a provider that doesn't announce the linknet, as
a lot of providers do. (And I shouldn't source traffic from the linknet,
I should use our own addresses.)
When I source traffic from the server/router it seems the Linux
default action is to select the interface closest to the destination,
which is the peering linknet, and it happily sends TCP / UDP / ICMP
requests to the world.
The replies never make it back though since the ip isn't reachable from
anywhere else.
With ip route there seems to be this flag "src <addr>", so you can
specify "ip route add x.x.x.x/y via z.z.z.z src a.a.a.a". This
influences the kernel to select src a.a.a.a when sending traffic to
x.x.x.x/y, but I haven't found such an option in the kernel table in
bird.
If I have a router where only the "inside" IP is reachable from the
internet, and all routes point to the outside, how do I make it source
all locally generated traffic from the inside IP?
Do you set up multiple routing tables and set the default table to
direct traffic to the inside, then on the inside interface have the full
routing table (would this work?), or how do you handle this?
Best regards
Oskar Stenman
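
One way to get the effect of "src <addr>" from BIRD, as an added example that is not part of the original post: BIRD's Linux kernel protocol has a krt_prefsrc route attribute that can be set in the export filter, and it is installed as the route's preferred source. The fragment uses BIRD 1.x syntax; 192.0.2.1 is a placeholder for the router's own announced address and is assumed to be configured on a local interface (for example the loopback).

```conf
# Added example, BIRD 1.x syntax. 192.0.2.1 is a placeholder for an
# address from your own announced prefix that is assigned to this router.
protocol kernel {
    scan time 20;
    import none;
    export filter {
        # Only touch routes learned via BGP (the transit routes); connected
        # and static routes keep the kernel's normal source selection.
        if source = RTS_BGP then {
            # Equivalent of "src 192.0.2.1" on "ip route add": locally
            # generated traffic using this route is sourced from this
            # address instead of the unannounced linknet address.
            krt_prefsrc = 192.0.2.1;
        }
        accept;
    };
}
```

After reloading the configuration, "ip route get <destination>" on the router shows which source address the kernel will pick for a given destination.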