Jim Klimov writes:
> Regarding the notion that "IP doesn't route based on source address", I know
> that, but somehow expected that source IP is somehow considered when
> choosing a correct gateway for it. Specifically, if I have two interfaces,
> for example 192.168.100.10 and 192.168.200.10, and two default routers in these
> same subnets, say 192.168.100.1 and 192.168.200.1, I did not expect to see
> packets from 192.168.100.10 trying to go out via 192.168.200.1 router.

It doesn't currently take source address into account at all. As I mentioned in the blog entry, there are tweaks to the current selection mechanism that are possible and that would solve the problem you're seeing -- but they just haven't been implemented yet.

(Others have suggested Strong ES as the solution. I disagree. Strong ES might be useful in some situations, but having a smarter mechanism for choosing the output route would fix most all problems that users have with this part of the system, and would _not_ involve the complications that Strong ES demands.)

> So, as far as I can tell from the respected gurus' responses, this behavior is
> expected, works as designed, and won't be fixed. Correct?

No, I think that goes a bit too far. It's just software. It can be changed. ;-}

Jim Klimov writes:
> > 3.3.1 Routing Outbound Datagrams
> > The IP layer chooses the correct next hop for each datagram it sends.
> > If the destination is on a connected network, the datagram is sent directly
> > to the destination host; otherwise, it has to be routed to a gateway on a
> > connected network.
>
> It was my subconscious understanding that while the system is solving the
> task of sending a routed packet to a gateway (choosing the gateway in particular),
> it is working in the sandbox of the "connected network" (as the system and
> gateway are in the same subnet).

I'm not sure what you're saying. A "connected network" is a network on which we have an interface. Yes, for interface types that require a next hop address (i.e., non-point-to-point), the _destination_ address for the next hop must be on the same subnet as the configured interface, but that says nothing about the source address.

If this weren't so, then routing itself wouldn't work. Once you get one hop away, you're no longer transmitting a packet whose source IP address matches the outbound interface -- and that's exactly what's expected.

--
James Carlson 42.703N 71.076W <[email protected]>
_______________________________________________
networking-discuss mailing list
[email protected]
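
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not Solaris code: a simplified Python model of destination-only next-hop selection beside a source-aware tie-break among equal default routes. The function names, the "first candidate wins" tie rule and the destination 203.0.113.5 are assumptions made for illustration; the interface and router addresses are the ones quoted above.

```python
import ipaddress

# Constructed sample data using the addresses quoted in the thread.
INTERFACES = {  # local address -> connected subnet
    "192.168.100.10": ipaddress.ip_network("192.168.100.0/24"),
    "192.168.200.10": ipaddress.ip_network("192.168.200.0/24"),
}
ROUTES = [  # (destination prefix, gateway): two equal default routes
    (ipaddress.ip_network("0.0.0.0/0"), "192.168.200.1"),
    (ipaddress.ip_network("0.0.0.0/0"), "192.168.100.1"),
]

def candidates(dst):
    """Longest-prefix match on the destination only; returns all ties."""
    dst = ipaddress.ip_address(dst)
    for net in INTERFACES.values():
        if dst in net:
            return [str(dst)]  # connected network: deliver directly
    matches = [(p, gw) for p, gw in ROUTES if dst in p]
    if not matches:
        return []
    best = max(p.prefixlen for p, _ in matches)
    return [gw for p, gw in matches if p.prefixlen == best]

def next_hop_dest_only(src, dst):
    """Model of the described behaviour: src is never consulted.
    Taking the first tie is an assumption of this model."""
    c = candidates(dst)
    return c[0] if c else None

def next_hop_source_aware(src, dst):
    """Hypothetical tweak: among equal routes, prefer a gateway on the
    subnet of the interface that owns the source address."""
    c = candidates(dst)
    src_net = INTERFACES.get(src)
    for gw in c:
        if src_net and ipaddress.ip_address(gw) in src_net:
            return gw
    # Source is not a local address (e.g. a forwarded packet): fall back.
    return c[0] if c else None

if __name__ == "__main__":
    for src in INTERFACES:
        print(src, next_hop_dest_only(src, "203.0.113.5"),
              next_hop_source_aware(src, "203.0.113.5"))
```

The fallback branch matters for the point made in the reply: a forwarded packet carries a source address that matches no local interface, so a source-aware rule can only be a preference among otherwise equal routes, not a requirement.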
