02.04.2017 22:11, John Andersen пишет:
jsa@poulsbo:~> ip r default via 192.168.2.1 dev eth0 proto static metric 100 default via 192.168.86.1 dev wlan0 proto static metric 600 192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.232 metric 100 192.168.86.0/24 dev wlan0 proto kernel scope link src 192.168.86.232 metric 600
How these two interfaces are connected? Do they go to the same router?
eth0 is connected via cat5 to 192.168.2.1 (192.168.2.1 is an opensuse box which is my main router/firewall/gateway).
Wlan0 is connected by wifi to 192.168.86.1 (wifi router) which is connected to that same 192.168.2.1 network.
So yes, eventually wlan0 arrives at the same router as does eth0.
So WiFi is behind double NAT? ...
Does it work if you create explicit route to this host?
ip route add 209.112.129.41/32 via 192.168.86.1 dev wlan0
Yes, after adding this route I can ping that specific machine.
OK, that confirms my guess.
Does this suggest that Network Manager removes ALL routes from a wifi interface when a wired interface becomes available?
Of course not. As can be clearly seen from "ip route" output both default routes are present.
Is this intentional? It didn't use to be that way in past releases.
Sorry, I do not believe that could work in any past release. When Ethernet interface comes up, NM adds default route with better priority (lower metric), so now all traffic will go via this route. "ping -I" does not select *interface* via which packets are sent - it just selects own (source) address. Via which interface packet will flow is determined by routing table ("source address selection" vs. "outgoing interface selection"). What happens now, system sends packet with source address 192.168.86.232 via default gateway 192.168.2.1 to the outside world. It means 192.168.2.1 must be able to do two things a) correctly mangle packet by replacing source address with external (otherwise no reply can be received) b) correctly forward packet received on mangled address back to your system Either of this may fail. You 192.168.2.1 box may be configured to masquerade only 192.168.2.0/24 range. Even if it does masquerading, when it receives reply and demangles it, it most likely does not know what to do with packet for destination 192.168.86.232, because 192.168.86.0/24 network is itself hidden behind the second box. Finally, if it arrives at your wlan0, kernel may actually drop it depending on rp_filter setting. Capturing traffic on both eth0 and wlan0 during ping may give some hints where it chokes. You may make it work by creating second routing table and making all traffic with source 192.168.86.232 using it. Something like (untested) ip route add 192.168.86.0/24 dev wlan0 src 192.168.2.232 scope link table 128 ip route add default via 192.168.86.1 dev wlan0 table 128 ip rule add from 192.168.86.232 table 128 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org