Source address selection for transit-router with "blackholed" linknet
Baptiste Jonglez
baptiste at bitsofnetworks.org
Thu Nov 13 23:45:52 CET 2014
Yes, it's a common pitfall; look for "krt_prefsrc" in the doc.
Or have a look at
https://dn42.net/howto/bird#Source-address-selection
(sorry, certificate seems to have expired)
On Thu, Nov 13, 2014 at 11:06:25PM +0100, oskar at cetex.se wrote:
> Hi!
>
> I'm working on getting a few Linux routers with bird up and running and I'm
> wondering: Is there any way to influence source-address selection for the
> routes installed by bird? (How do other bird-users handle this? I guess I'm
> not alone?)
>
> We have a transit from a provider that doesn't announce the linknet, as a
> lot of providers do. (And I shouldn't source traffic from the linknet, I
> should use own addresses.)
> When I source traffic from the server/router it seems Linux's default action
> is to select the interface closest to the destination, which is the
> peering-linknet, and it happily sends tcp / udp / icmp requests to the world.
> The replies never make it back though, since the IP isn't reachable from
> anywhere else.
>
> With ip route there seems to be this flag "src <addr>", so you can specify
> "ip route add x.x.x.x/y via z.z.z.z src a.a.a.a". This influences the kernel
> to select src a.a.a.a when sending traffic to x.x.x.x/y, but I haven't found
> such an option in the kernel-table in bird.
>
> If I have a router where only the "inside"-ip is reachable from the
> internet, and all routes point to the outside, how do I make it source all
> locally generated traffic from the inside-ip?
>
> Do you set up multiple routing-tables and set the default-table to direct
> traffic to the inside, then on the inside-interface have the full routing
> table (would this work?), or how do you handle this?
>
> Best regards
> Oskar Stenman
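
The krt_prefsrc attribute mentioned in the reply is set in the export filter of the kernel protocol; the fragment below is an added example in BIRD 1.x syntax, not part of the original thread. The address 192.0.2.1 and the name OWN_SRC are assumptions standing in for the router's own reachable ("inside") address.

```conf
# Added example (BIRD 1.x syntax), not from the original thread.
# 192.0.2.1 is a constructed placeholder for the router's own, globally
# reachable address. It must already be configured on a local interface
# (for example a loopback), otherwise the kernel refuses the route.
define OWN_SRC = 192.0.2.1;

protocol kernel {
    scan time 20;
    import none;                # do not learn routes back from the kernel
    export filter {
        # Equivalent of "ip route add ... src a.a.a.a": every route BIRD
        # installs carries OWN_SRC as its preferred source address, so
        # locally generated traffic is no longer sourced from the linknet.
        krt_prefsrc = OWN_SRC;
        accept;
    };
}

# Check after reconfiguring (run on the router):
#   ip route show              -> routes installed by BIRD list "src 192.0.2.1"
#   ip route get <destination> -> reports the source address the kernel selects
```

Connected routes for the linknet itself are created by the kernel rather than by BIRD, so this filter does not change the source address used toward the directly attached peer.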