[Babel-users] preferred source address vs babel

StarBrilliant coder at poorlab.com
Fri Jul 6 23:06:06 BST 2018 

Hi everyone,

I have been looking into this problem for months.

I found that Linux kernel have difficulty determining source address for an
icmp-ttl-exceeded packet if SADR is used.

Sometimes it will return the primary address as if SADR route does not
exist; sometimes it will just seallow the reply packet, showing as a "???"
in the traceroute.

In some rare random situation a machine with two routes like "default from
2001.../48" would report "no route to host" when you want to connect from
it to some random (not all) hosts in the Internet, although the machine
routes packets from others correctly.

I found that icmp_errors_use_inbound_ifaddr does not work for IPv6, and
have been trying to port that option to IPv6. I am not sure if it can fix
the traceroute problem. But I am currently suspending this work, hopefully
someone else is interested in it.

I agree that we need such an option. That's simply because Linux kernel is
buggy.

(P.S. I typed this letter on my phone. Please forgive me if the layout is
messy.)
On Sat, Jul 7, 2018 at 05:38 Juliusz Chroboczek <jch at irif.fr> wrote:

> > The packets never traverse the 2a02-network yet it is showing up in the
> > traceroute and that way the 2a02 addresses are leaking into the mesh
> > revealing information about the node that should not be revealed.
> > Sacondly packets originating from the node like DNS may leave the node
> > with an inappropriate ipv6 address and could possibly be routed out
> > through the wan interface of the node.
>
> I understand what you're trying to do.  I want to understand why.
>
> Which interface is the address in 2a02 installed on?  If it's a different
> interface, then according to RFC 6724 Section 5 rule 5, the other address
> should be chosen.  If the address is installed on the same interface, then
> I'd like to understand why.
>
> >> I have no objection (and I'd be glad to apply a well-written patch that
> >> does that), but I don't think this should be necessary.
>
> > I opened a PR for this
>
> https://github.com/jech/babeld/pull/15
>
> As I've said there, I don't think it should be a command-line option -- it
> should live in the configuration file.  If people want to put it on the
> command-line, they should be using "-C".
>
> What's more, I don't think it makes sense for it to be a global option,
> since with multiple interfaces you don't usually want to use the same
> address with all interfaces.  I can see the following:
>
>   - it could be an interface option, in which case it would apply to all
>     routes going out through that interface;
>   - it could be a filter option, in which case it would apply to matching
>     routes.
>
> Perhaps the list could chime in?
>
> -- Juliusz
>
> _______________________________________________
> Babel-users mailing list
> Babel-users at alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/babel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/babel-users/attachments/20180707/e5fd0665/attachment.html>

More information about the Babel-users mailing list