From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 16 Mar 2005 - 21:39:53 GMT
On Wed, Mar 16, 2005 at 07:10:37PM +0100, Martin Pauly wrote:
> Hello Herbert,
> thanks for your reply, we managed to track down things a bit further:
> I wrote:
> > The ifconfig call inside /sbin/vserver introduces another route on eth1:
> > master22:/etc/vservers# ip route sh
> > 220.127.116.11/27 dev eth0 proto kernel scope link src 18.104.22.168
> [other routes]
> > 4. Now I adjust the routing tables:
> > master22:/etc/vservers# ip route del 22.214.171.124/27 dev eth0
> > master22:/etc/vservers# ip route add 126.96.36.199/27 dev eth0 src 188.8.131.52 table 2
> > master22:/etc/vservers# ip route add default dev eth0 via 184.108.40.206 src
> > 220.127.116.11 table 2
> > RTNETLINK answers: Network is unreachable
> There seems to be an issue with the additional route introduced by ifconfig.
> If I simply leave it in place for the moment, build the second table, and
> remove it _afterwards_, things seem to be fine.
> Looks weird to me, though ...
check with iproute2's 'ip' utility (ip addr ls, ip route ls, ...)
to get a better 'understanding' what the legacy ifconfig
utility does with interfaces, addresses and routes ...
> BTW: I learned from your examples that chbind is useful for testing such
> network stuff, but I also learned that ping happily breaks out of its IP jail:
> master22:~# chbind --ip 18.104.22.168 ping -R -c 1 22.214.171.124
yeah, that's what the -I option is for (at least for ping)
> ipv4root is now 126.96.36.199
> PING 188.8.131.52 (184.108.40.206) 56(124) bytes of data.
> 64 bytes from 220.127.116.11: icmp_seq=1 ttl=254 time=1.35 ms
> RR: 192.168.1.18
> --- 18.104.22.168 ping statistics ---
> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> rtt min/avg/max/mdev = 1.359/1.359/1.359/0.000 ms
> I verified this on the target machine (a solaris box).
> So raw sockets seem to be a different story altogether.
well, that's not really surprising, as some 'ping' tools
use raw sockets to transmit a custom created packet, which
of course can be _any_ packet (that's the purpose of raw
sockets after all, and that's why linux-vserver do not
allow to use raw sockets by default)
> Greetz, Martin
> Dr. Martin Pauly Fax: 49-6421-28-26994
> HRZ Univ. Marburg Phone: 49-6421-28-23527
> Hans-Meerwein-Str. E-Mail: pauly_at_HRZ.Uni-Marburg.DE
> D-35032 Marburg
> Vserver mailing list
Vserver mailing list