Mailinglist Archive: opensuse-bugs (6265 mails)
| < Previous | Next > |
[Bug 565487] New: Policy based ip routing does not work
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Thu, 17 Dec 2009 00:35:05 +0000
- Message-id: <bug-565487-21960@xxxxxxxxxxxxxxxxxxxxxxxx/>
http://bugzilla.novell.com/show_bug.cgi?id=565487
http://bugzilla.novell.com/show_bug.cgi?id=565487#c0
Summary: Policy based ip routing does not work
Classification: openSUSE
Product: openSUSE 11.2
Version: Final
Platform: i586
OS/Version: openSUSE 11.2
Status: NEW
Severity: Major
Priority: P5 - None
Component: Kernel
AssignedTo: kernel-maintainers@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: moby@xxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.6)
Gecko/20091201 SUSE/3.5.6-4.1 Firefox/3.5.6
When you use policy based routing, packets get routed correctly when outbound
but incoming replies do not seem to be put into the FORWARD chain.
If you create at least one more routing table (using ip route add xxx table
yyy), and then have some traffic use that table (using iptables mark, and ip
rule), then reply packets to that traffic never back it to the sender.
However, traffic being routed through the main routing table is handled
correctly.
Reproducible: Always
Steps to Reproduce:
1.Create an iptables rule to mark packets.
2.Create a new routing table.
3.Create an ip rule to have marked packets use the new routing table.
4.Packets being routed through the new table have issues - doing a packet
captuer will show that packets get sent outbound fine, the response comes back
from the remote host, and the linux machine then just dumps it. No errors are
logged anywhere at all.
Actual Results:
The sender never receives any response packets. Looking at the linux router,
you can see that response packets from the remote host make their way back to
the linux router and just get lost there. No errors are logged.
Expected Results:
Using a lower level kernel than the one in oss 11.2, everything works fine and
response packets from the remote host make their way back to the original
sender fine.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=565487#c0
Summary: Policy based ip routing does not work
Classification: openSUSE
Product: openSUSE 11.2
Version: Final
Platform: i586
OS/Version: openSUSE 11.2
Status: NEW
Severity: Major
Priority: P5 - None
Component: Kernel
AssignedTo: kernel-maintainers@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: moby@xxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.6)
Gecko/20091201 SUSE/3.5.6-4.1 Firefox/3.5.6
When you use policy based routing, packets get routed correctly when outbound
but incoming replies do not seem to be put into the FORWARD chain.
If you create at least one more routing table (using ip route add xxx table
yyy), and then have some traffic use that table (using iptables mark, and ip
rule), then reply packets to that traffic never back it to the sender.
However, traffic being routed through the main routing table is handled
correctly.
Reproducible: Always
Steps to Reproduce:
1.Create an iptables rule to mark packets.
2.Create a new routing table.
3.Create an ip rule to have marked packets use the new routing table.
4.Packets being routed through the new table have issues - doing a packet
captuer will show that packets get sent outbound fine, the response comes back
from the remote host, and the linux machine then just dumps it. No errors are
logged anywhere at all.
Actual Results:
The sender never receives any response packets. Looking at the linux router,
you can see that response packets from the remote host make their way back to
the linux router and just get lost there. No errors are logged.
Expected Results:
Using a lower level kernel than the one in oss 11.2, everything works fine and
response packets from the remote host make their way back to the original
sender fine.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |