[PVE-User] default routing considerations

[Patryk Benderz]

Dietmar, sorry for posting to you only, and not to ML - resending to ML
(somehow "reply to mailing list" doesn't work on PVE mailing list. Maybe
"reply-to" header is invalid)

[cut]
> Sorry, I do not understand what you say. For me this looks like
> different routes:
> 
> 192.168.3.0  0.0.0.0       255.255.255.0 U  0 0 0 vmbr1
> 10.1.1.0     0.0.0.0       255.255.255.0 U  0 0 0 vmbr0
> 
> Packets to 10.1.1.0/24 are set via vmbr0
> Packets to 192.168.3.0/24 are set via vmbr1
> 
> Why do you think it is wrong?
> 
OK, i'll try to explain it another way. Notice headers:

Destination  Gateway
192.168.3.0  0.0.0.0       255.255.255.0 U  0 0 0 vmbr1
10.1.1.0     0.0.0.0       255.255.255.0 U  0 0 0 vmbr0
0.0.0.0      192.168.3.254 0.0.0.0       UG 0 0 0 vmbr1

You are right that these are 2 different routes - one for network
192.168.3.0 and next for 10.1.1.0. What i do not like here is a
"Gateway" fields, because it shows that _by_default_ packets destined to
both networks (192.168.3.0;10.1.1.0) are routed through default GW. This
is longer route.
Example: packet destined for 10.1.1.0 network:
1) second rule in a routing table tells kernel to send this packet to
third rule, because Destination=0.0.0.0
2)now third rule in a routing table tells kernel to send this packet to
192.168.3.254, but this host is in different network.
3)now, depending if 192.168.3.254 knows how to route packet for 10.1.1.0
it might be delivered, or might not.

Shorter and IMHO correct route would be: (again notice change in "GW"):
Destination  Gateway 
192.168.3.0  192.168.3.219  255.255.255.0 U  0 0 0 vmbr1
10.1.1.0     10.1.1.219     255.255.255.0 U  0 0 0 vmbr0
0.0.0.0      192.168.3.254  0.0.0.0       UG 0 0 0 vmbr1

This time, kernel exactly knows that packet destined for 10.1.1.0
network should be sent through NIC with IP 10.1.1.219. Now packet gets
to destination faster.

Is my line of thought correct? If not, please tell me what are my
mistakes.



Email secured by Check Point