Re: Interface routes and multiple fibs
- In reply to: Dan Mahoney : "Re: Interface routes and multiple fibs"
Date: Thu, 20 Oct 2022 06:42:42 UTC
When you do a `host' command .... I'm presuming it wants to contact
182.159.249.236. If we look at your routing table, you are directing
traffic for that host over lo0. The host/fib/whatever that's tied to
fib 1 ... when it wants to respond, it's going to want to respond to the
host which generated the packet which is some machine in the
182.159.249.232/29 subnet. Again, looking at the routing table, it's
telling the packet to be sent out bge0.

With the above said, I don't think that's where your question lies.
Admittedly I thought it was at first.

Is your question with the prepopulation of routes in new fibs? If so,
then look towards the net.add_addr_allfibs sysctl. A value of 0 disables
this behavior.

If I'm still wrong, then I'll need to be spoken to like a 4 yr old.

Thanks,
Paul Procacci

On Thu, Oct 20, 2022 at 1:42 AM Dan Mahoney <freebsd@gushi.org> wrote:

>
> On Oct 18, 2022, at 15:16, Paul Procacci <pprocacci@gmail.com> wrote:
>
> On Tue, Oct 18, 2022 at 5:12 PM Dan Mahoney <freebsd@gushi.org> wrote:
>
>> All,
>>
>> Maybe a question for the -net or -rc people. If I should ask there, let
>> me know.
>>
>> I'm running with multiple fibs. One fib is just box management, ssh,
>> etc. The other fib (which takes BGP routes from peers via BIRD) does DNS
>> anycast things. The DNS server runs in fib 1. Our default route is added
>> to both fibs.
>>
>> My fib0 routing table looks like this:
>>
>> Internet:
>> Destination        Gateway            Flags     Netif Expire
>> default            192.159.249.233    UGS        bge0
>> 127.0.0.1          link#5             UH          lo0
>> 182.159.249.232/29 link#1             U          bge0
>> 182.159.249.236    link#1             UHS         lo0
>>
>> Fib 1 is missing that final route:
>>
>> default            182.159.249.233    UGS        bge0
>> 127.0.0.1          link#5             UH          lo0
>> 182.159.249.232/29 link#1             U          bge0
>>
>> I've noticed that when I try to do a query (with dig) against it from fib
>> 0, it sends over lo0 to the named process, but the reply packet just gets
>> sent out ON BGE0, and is never received, since dig is listening on the
>> interface it sent the packet over (lo0) to hear the response, which, near
>> as I can tell with tcpdump -i bge0, just goes out on the wire
>>
>> Obviously, we can add the static route to that second fib with: route
>> add -host 182.159.249.236 -interface lo0 -fib 1.
>>
>> Yes, we can also make this stick using default_routes in rc.conf.
>>
>> But it feels like we shouldn't have to. This feels like a glitch, and
>> that if all fibs get the SUBNET route, they should also get the loopback.
>>
>> -Dan
>>
>
> Why would you not expect to add a route for it?
> The same subnets can exist in different fibs and be part of different lan
> segments a la vlans. Routes are required.
>
>
> But...the same route is added for the SUBNET on both fibs automatically,
> even though bge0 is in fib 1. Just not for the actual host. This feels
> woefully inconsistent.
>

-- 
__________________

:(){ :|:& };:
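
Added example, not part of the original thread or written by either poster: a small Python model of a per-FIB longest-prefix-match lookup over the two routing tables quoted above, showing why 182.159.249.236 resolves to lo0 in fib 0 but to bge0 (through the /29) in fib 1. The function names `lookup` and `missing_host_routes` are hypothetical, and the model assumes a plain longest-prefix match, which simplifies what the kernel does.

```python
import ipaddress

# Routing tables transcribed from the thread: (destination, gateway, netif).
FIB0 = [
    ("default", "192.159.249.233", "bge0"),
    ("127.0.0.1", "link#5", "lo0"),
    ("182.159.249.232/29", "link#1", "bge0"),
    ("182.159.249.236", "link#1", "lo0"),
]
FIB1 = [
    ("default", "182.159.249.233", "bge0"),
    ("127.0.0.1", "link#5", "lo0"),
    ("182.159.249.232/29", "link#1", "bge0"),
]

def _network(dest):
    """Turn a netstat-style destination into an ip_network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    return ipaddress.ip_network(dest)  # a bare host address becomes a /32

def lookup(fib, dst):
    """Return the route entry with the longest prefix that contains dst."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in fib if addr in _network(r[0])]
    if not matches:
        return None
    return max(matches, key=lambda r: _network(r[0]).prefixlen)

def missing_host_routes(reference, other):
    """Host (/32) routes present in `reference` but absent from `other`."""
    have = {_network(r[0]) for r in other}
    return [r for r in reference
            if _network(r[0]).prefixlen == 32 and _network(r[0]) not in have]

if __name__ == "__main__":
    target = "182.159.249.236"
    for name, fib in (("fib 0", FIB0), ("fib 1", FIB1)):
        print(name, "->", lookup(fib, target))
    # Emit the same fix-up command quoted in the thread for each gap found.
    for dest, _gw, netif in missing_host_routes(FIB0, FIB1):
        print(f"route add -host {dest} -interface {netif} -fib 1")
```

Comparing host routes across FIBs this way is a quick check that a management FIB and a service FIB agree on which addresses are local.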