After some 10 years in network administration, I suddenly can't get OpenSolaris (snv_114) to select a default route correctly.
I have a multihomed server which has a couple of IP addresses in its global zone which are from two different ISPs. These interfaces are different VLANs (i.e. e1000g15000 and e1000g81000) on our switch; routers to these nets work okay.

The intention was that this server's services bound to both IP addresses (or to a wildcard any-address) should be available over two ISPs' links. That is, if a user accesses the server with an IP address "A" of ISP "A", the response packets go back to the gateway of ISP "A" and so on. Likewise for "B". That is, the IP address used by clients should determine which ISP is used and which default gateway is picked for response packets.

So I thought. In fact, my system seems to alternate its default router about once a minute (I didn't measure precisely; this may be caused by a RIPv2 client used to install multiple routes to local internal networks, or maybe it is not related). The routing table as returned by "netstat -rn" contains both default routes. However, only one of the routers is used for any source address (i.e. when I do "traceroute -s src-ip-name" to the internet). Apparently, if packets from IP "B" go to ISP "A"'s router (or vice versa) and try to get to the Internet, they don't get there - these packets are dropped by the ISP.

My questions are: is this strangeness intended? What could I misconfigure or under-configure? Does a similar setup work in other builds of Solaris (maybe it is a regression of a recent OpenSolaris)?

More hints: I tried adding routes with the "-ifp" flag and with the "-setsrc" flag; this trickery didn't help. And even if it did, I'm not sure I can pass such flags through a routing daemon config file (/etc/gateways, quagga/zebra, whatever).

This problem doesn't seem to occur in local zones with only one IP address and one default route. It is tricky, however, to use two IP addresses (a public and a private one) in local zones. That's why we have a RIPv2 client fetching routes for local networks.

//Jim
