On 04/02/2017 09:01 PM, Andrei Borzenkov wrote:
When Ethernet interface comes up, NM adds default route with better priority (lower metric), so now all traffic will go via this route. "ping -I" does not select *interface* via which packets are sent - it just selects own (source) address. Via which interface packet will flow is determined by routing table ("source address selection" vs. "outgoing interface selection").
The above differs from that the opensuse Ping man page says. It says, with regard to the -I parameter:
-I interface interface is either an address, or an interface name. If interface is an address, it sets source address to specified interface address. If inter- face in an interface name, it sets source interface to specified interface.
Maybe we need to file a bug report against the man page. The third sentence clearly states it should go out the specified interface. Reading many bug reports on this, I suspect I'm not the first one to read it that way. However, a quick test reveals that ping -I wlan0 lists.opensuse.org and ping -I 192.169.86.232 lists.opensuse.org Both fail in the same way: 100% packet loss.
What happens now, system sends packet with source address 192.168.86.232 via default gateway 192.168.2.1 to the outside world. It means 192.168.2.1 must be able to do two things
a) correctly mangle packet by replacing source address with external (otherwise no reply can be received)
b) correctly forward packet received on mangled address back to your system
This seems like a reasonable explanation and agrees with what James Knott's tests shows. But it puts the lie to the man page.
Either of this may fail. You 192.168.2.1 box may be configured to masquerade only 192.168.2.0/24 range. Even if it does masquerading, when it receives reply and demangles it, it most likely does not know what to do with packet for destination 192.168.86.232, because 192.168.86.0/24 network is itself hidden behind the second box. Finally, if it arrives at your wlan0, kernel may actually drop it depending on rp_filter setting.
Capturing traffic on both eth0 and wlan0 during ping may give some hints where it chokes.
You may make it work by creating second routing table and making all traffic with source 192.168.86.232 using it. Something like (untested)
ip route add 192.168.86.0/24 dev wlan0 src 192.168.2.232 scope link table 128 ip route add default via 192.168.86.1 dev wlan0 table 128 ip rule add from 192.168.86.232 table 128
I'm going to give these a try tomorrow when I have time to set up the machines while watching the logs. -- After all is said and done, more is said than done. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org