Date: Wed, 15 Nov 2023 09:29:25 +0000 From: Benoit Chesneau <benoitc@enki-multimedia.eu> To: Zhenlei Huang <zlei@FreeBSD.org> Cc: "freebsd-net@FreeBSD.org" <freebsd-net@freebsd.org> Subject: Re: loopback and IP source Message-ID: <-7mVq7TW1purYoFQctO15qlz32SoxNvELpVf7tD92tJ_dhLZa3GhC9TOe_Lk2RCaOX0YH3qc-0V0WnXUFWSLT2OvupO-MgLUYSg40nRBafc=@enki-multimedia.eu> In-Reply-To: <7BA2954F-D9DF-4D95-A8A8-9FF8E1A07E63@FreeBSD.org> References: <t6vS0O-obl2X2h0RWRfvlnxquCn7nlg1zJfFPPL7hfb_HjUxvnaOx2CbRXSOYJWDatxOea3CieEnUEUbL5XnIOh7hP2f6JqwqpZUDBwdsVE=@enki-multimedia.eu> <7BA2954F-D9DF-4D95-A8A8-9FF8E1A07E63@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] This makes sense. Thanks for the links! Benoît On Saturday, November 11th, 2023 at 12:03, Zhenlei Huang <zlei@FreeBSD.org> wrote: >> On Nov 11, 2023, at 5:56 PM, Benoit Chesneau <benoitc@enki-multimedia.eu> wrote: >> >> Is there a way to ensure that the IP set in loopback on the rc.conf is always used as source for routing. I setup it like this: >> >> ``` >> cloned_interfaces="lo1" >> ifconfig_lo1="inet 195.24.245.226/32 up" >> ifconfig_lo1_ipv6="inet6 2a12:5541:1:1::3/128" >> ``` >> >> and others IP are set on interfaces or vlans. All routes informations are fetched via BGP. The strange thing is that when I do a ping to `1.1.1.1`` this work (and pass via one of the vlan through the transit). But when I do a ping to another IP going through an IX the ping only work when I force the source using `-S`: `ping -S $MY_IP $OTHER_IP` . Is there something to do ? How to investigate such issue? > > That is expected behavior. > > I'll explain IPv4 source ip selection shortly. > For applications that do not set the source IP address, the source IP is selected at best effort. > This "best effort" is choosing a IP nearest (lowest metric) to target. Apparently an IP address on > loopback interfaces are "further" than any IP addresses on the outgoing interface. > >> Is there something to do ? How to investigate such issue? > > You can refer to RFC 1122 section 3.3.4.3 [1] for IPv4 and RFC 6724 [2] for IPv6. > > 1. https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.4.3 > 2. https://datatracker.ietf.org/doc/html/rfc6724 > >> Benoît > > Best regards, > Zhenlei [-- Attachment #2 --] <div style="font-family: Arial, sans-serif; font-size: 14px;">This makes sense. Thanks for the links!</div><div style="font-family: Arial, sans-serif; font-size: 14px;"><br></div> <div class="protonmail_signature_block" style="font-family: Arial, sans-serif; font-size: 14px;"> <div class="protonmail_signature_block-user"> <div style="font-style: normal; font-weight: normal; letter-spacing: normal; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; text-decoration: none; font-family: Helvetica; font-size: 12px; color: rgb(0, 0, 0);">Benoît</div></div></div><div class="protonmail_quote"> On Saturday, November 11th, 2023 at 12:03, Zhenlei Huang <zlei@FreeBSD.org> wrote:<br><br> <blockquote class="protonmail_quote" type="cite"> <br class=""><div><br class=""><blockquote class="" type="cite"><div class="">On Nov 11, 2023, at 5:56 PM, Benoit Chesneau <<a class="" href="mailto:benoitc@enki-multimedia.eu" rel="noreferrer nofollow noopener" target="_blank">benoitc@enki-multimedia.eu</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Is there a way to ensure that the IP set in loopback on the rc.conf is always used as source for routing. I setup it like this:<br class=""><br class="">```<br class="">cloned_interfaces="lo1"<br class="">ifconfig_lo1="inet 195.24.245.226/32 up"<br class="">ifconfig_lo1_ipv6="inet6 2a12:5541:1:1::3/128"<br class="">```<br class=""><br class="">and others IP are set on interfaces or vlans. All routes informations are fetched via BGP. The strange thing is that when I do a ping to `1.1.1.1`` this work (and pass via one of the vlan through the transit). But when I do a ping to another IP going through an IX the ping only work when I force the source using `-S`: `ping -S $MY_IP $OTHER_IP` . Is there something to do ? How to investigate such issue? <br class=""><br class=""></div></div></blockquote><div><br class=""></div><div>That is expected behavior.</div><div><br class=""></div><div>I'll explain IPv4 source ip selection shortly.</div><div>For applications that do not set the source IP address, the source IP is selected at best effort.</div><div>This "best effort" is choosing a IP nearest (lowest metric) to target. Apparently an IP address on</div><div>loopback interfaces are "further" than any IP addresses on the outgoing interface.</div><div><br class=""></div><div><blockquote class="" type="cite">Is there something to do ? How to investigate such issue?</blockquote></div><div>You can refer to RFC 1122 section 3.3.4.3 [1] for IPv4 and RFC 6724 [2] for IPv6.</div><div><br class=""></div><div>1. <a class="" href="https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.4.3" rel="noreferrer nofollow noopener" target="_blank">https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.4.3</a></div><div>2. <a class="" href="https://datatracker.ietf.org/doc/html/rfc6724" rel="noreferrer nofollow noopener" target="_blank">https://datatracker.ietf.org/doc/html/rfc6724</a></div><div><br class=""></div><br class=""><blockquote class="" type="cite"><div class=""><div class=""><br class=""><br class="">Benoît<br class=""><br class=""></div></div></blockquote></div><br class=""><div class=""> <div>Best regards,</div><div>Zhenlei</div> </div> <br class=""> </blockquote><br> </div>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?-7mVq7TW1purYoFQctO15qlz32SoxNvELpVf7tD92tJ_dhLZa3GhC9TOe_Lk2RCaOX0YH3qc-0V0WnXUFWSLT2OvupO-MgLUYSg40nRBafc=>