Date: Sat, 11 Nov 2023 19:03:40 +0800
From: Zhenlei Huang <zlei@FreeBSD.org>
To: Benoit Chesneau <benoitc@enki-multimedia.eu>
Cc: "freebsd-net@FreeBSD.org" <freebsd-net@freebsd.org>
Subject: Re: loopback and IP source
Message-ID: <7BA2954F-D9DF-4D95-A8A8-9FF8E1A07E63@FreeBSD.org>
In-Reply-To: <t6vS0O-obl2X2h0RWRfvlnxquCn7nlg1zJfFPPL7hfb_HjUxvnaOx2CbRXSOYJWDatxOea3CieEnUEUbL5XnIOh7hP2f6JqwqpZUDBwdsVE=@enki-multimedia.eu>
References: <t6vS0O-obl2X2h0RWRfvlnxquCn7nlg1zJfFPPL7hfb_HjUxvnaOx2CbRXSOYJWDatxOea3CieEnUEUbL5XnIOh7hP2f6JqwqpZUDBwdsVE=@enki-multimedia.eu>

> On Nov 11, 2023, at 5:56 PM, Benoit Chesneau <benoitc@enki-multimedia.eu> wrote:
>
> Is there a way to ensure that the IP set in loopback on the rc.conf is always used as source for routing? I set it up like this:
>
> ```
> cloned_interfaces="lo1"
> ifconfig_lo1="inet 195.24.245.226/32 up"
> ifconfig_lo1_ipv6="inet6 2a12:5541:1:1::3/128"
> ```
>
> and other IPs are set on interfaces or vlans. All route information is fetched via BGP. The strange thing is that when I do a ping to `1.1.1.1` this works (and passes via one of the vlans through the transit). But when I do a ping to another IP going through an IX the ping only works when I force the source using `-S`: `ping -S $MY_IP $OTHER_IP`. Is there something to do? How to investigate such an issue?

That is expected behavior.

I'll explain IPv4 source IP selection shortly.
For applications that do not set the source IP address, the source IP is selected at best effort.
This "best effort" is choosing an IP nearest (lowest metric) to target. Apparently IP addresses on
loopback interfaces are "further" than any IP addresses on the outgoing interface.

> Is there something to do? How to investigate such an issue?

You can refer to RFC 1122 section 3.3.4.3 [1] for IPv4 and RFC 6724 [2] for IPv6.

1. https://datatracker.ietf.org/doc/html/rfc1122#section-3.3.4.3
2. https://datatracker.ietf.org/doc/html/rfc6724

> Benoît

Best regards,
Zhenlei
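
Added example, not part of the original message or of FreeBSD: a small diagnostic that asks the kernel which source address it selects for a destination when the application does not bind one, and compares it with the address you expected (for instance the one on `lo1`). The function names and the UDP port are this example's own choices.

```python
import socket

PROBE_PORT = 33434  # arbitrary; connect() on a UDP socket sends no packet


def _family(addr):
    """Pick the address family from the literal (':' means IPv6)."""
    return socket.AF_INET6 if ":" in addr else socket.AF_INET


def kernel_source_for(dst):
    """Source address the kernel selects for dst when nothing is bound.

    connect() on an unbound UDP socket only performs the route lookup and
    source selection; getsockname() then reveals the chosen address.
    """
    with socket.socket(_family(dst), socket.SOCK_DGRAM) as s:
        s.connect((dst, PROBE_PORT))
        return s.getsockname()[0]


def forced_source_for(dst, src):
    """Bind to src before connecting, as an application that sets its own
    source address does; the kernel then keeps src instead of selecting."""
    with socket.socket(_family(dst), socket.SOCK_DGRAM) as s:
        s.bind((src, 0))
        s.connect((dst, PROBE_PORT))
        return s.getsockname()[0]


def audit(destinations, expected_src):
    """Map each destination to (selected source, selected == expected).

    A destination with no usable route is reported as (None, False).
    """
    report = {}
    for dst in destinations:
        try:
            chosen = kernel_source_for(dst)
        except OSError:
            chosen = None
        report[dst] = (chosen, chosen == expected_src)
    return report


if __name__ == "__main__":
    # Address from the quoted rc.conf; destinations are sample inputs.
    for dst, (src, ok) in audit(["1.1.1.1", "127.0.0.1"], "195.24.245.226").items():
        print(f"{dst:<15} source={src} {'as expected' if ok else 'differs'}")
```

Destinations reported as "differs" are the ones where a service must bind its source address explicitly if the peer should see the loopback address.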