Bug 46 - Wrong interface might be chosen if multiple (source-specific) default routes are present
Summary: Wrong interface might be chosen if multiple (source-specific) default routes ...
Status: CONFIRMED
Alias: None
Product: passt
Classification: Unclassified
Component: pasta (show other bugs)
Version: unspecified
Hardware: All Linux
: Normal feature
Assignee: nobody
URL:
Depends on:
Blocks:
 
Reported: 2023-03-24 16:56 UTC by Stefano Brivio
Modified: 2023-03-24 16:57 UTC (History)
0 users

See Also:


Attachments

Description Stefano Brivio 2023-03-24 16:56:17 UTC
> Originally reported by lemmi@nerd2nerd.org as Markdown, see also: https://pad.passt.top/p/SourceSpecificRoutes

> Host
Consider a host system with 2 interfaces (eth0, eth1) with access to
multiple different uplinks and prefixes:

-   eth0: 2001:db8:0::/64
-   eth1: 2001:db8:1::/64

    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
        inet6 2001:db8::xxxx:xxxx:xxxx:xxxx/64 scope global dynamic mngtmpaddr
           valid_lft forever preferred_lft forever
        inet6 fe80::xxxx:xxxx:xxxx:xxxx/64 scope link
           valid_lft forever preferred_lft forever
    3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
        inet6 2001:db8:1::yyyy:yyyy:yyyy:yyyy/64 scope global dynamic mngtmpaddr
           valid_lft forever preferred_lft forever
        inet6 fe80::yyyy:yyyy:yyyy:yyyy/64 scope link
           valid_lft forever preferred_lft forever

The host has a source-specific default route installed to use eth0 only
in case the source address is within 2001:db8:0::/64. Otherwise eth1 is
chosen:

    default from 2001:db8:0::/64 via 2001:db8:0:: dev eth0 metric 1024 pref medium
    default via 2001:db8:1:: dev eth1 metric 1024 pref medium
    2001:db8:0::/64 dev eth0 metric 1024 pref medium
    2001:db8:1::/64 dev eth1 metric 1024 pref medium

> Container
Running podman with pasta to configure a static IPv6 address may result
in wrong routes, without specifying an interface:

    podman run --rm -it --network pasta:-6,-a,2001:db8:1::1 alpine
    ip -6 r

    2001:db8:1::/64 dev eth0  metric 256
    fe80::/64 dev eth0  metric 256
    multicast ff00::/8 dev eth0  metric 256

Notice how the device name is that of eth0 while it should be eth1 and
the default route is missing.

Specifying the interface fixes the problem, but might not be a solution
if multiple addresses can be configured in the future:

    podman run --rm -it --network pasta:-6,-a,2001:db8:1::1,-i,eth1 alpine
    ip -6 r

    2001:db8:1::/64 dev eth1  metric 256
    fe80::/64 dev eth1  metric 256
    default via 2001:db8:1::/64 dev eth1  metric 1024
    multicast ff00::/8 dev eth1  metric 256

To get the correct interface, pasta should probably check the host
routing table for the interface in a similar fashion to:

    ip route get :: from 2001:db8:1::1

    :: from from 2001:db8:1::1 via 2001:db8:1:: dev eth1 ...
Comment 1 Stefano Brivio 2023-03-24 16:57:06 UTC
Originally reported by lemmi@nerd2nerd.org as Markdown, see also: https://pad.passt.top/p/SourceSpecificRoutes

Note You need to log in before you can comment on or make changes to this bug.