Re: how to choose outgoing IPv4 address/interface ?

Fri, 30 Dec 2011 08:19:41 -0800 

* PP;QQ P(P8P?P8QP8P= <chipits...@gmail.com> [2011-12-30 05:21]:
> why does OpenBSD choose vlan379 ? how can I make it use vlan200 for
> all outgoing traffic except bgp communication ?

for wildcard binds (INADDR_ANY aka 0.0.0.0, connect without bind has the
same effect) the address is chosen based on the route to the destination.

i. e. for www.google.com from my location:

<br...@cr10.ham>  $ route -n get 173.194.69.105
   route to: 173.194.69.105
destination: 173.194.69.0
       mask: 255.255.255.0
    gateway: 80.81.203.34
  interface: carp0
 if address: 80.81.203.19
   priority: 48 (bgp)
      flags: <UP,GATEWAY,DONE>
     use       mtu    expire
 1431189         0         0 

the "if address" is used.

how's the if address figured out? easy. if the route lookup gives a
gateway route (as in the above example, gateway 80.81.203.34), a lookup
for the route to that gateway is done (basically, i simplify a bit).
if needed this is repeated until we get a connected route - which we
have straight after looking up the route to the gateway from the
previous route in this case.

<br...@cr10.ham>  $ route -n get 80.81.203.34    
   route to: 80.81.203.34
destination: 80.81.203.34
  interface: carp0
 if address: 80.81.203.19
   priority: 4 (connected)
      flags: <UP,HOST,DONE,LLINFO,CLONED>
     use       mtu    expire
      20         0       224 

so now we have our "connected" route. as in,
  ($dest & $mask) == ($ifaddr & $mask)
binary & of course, and mask is taken from the interface. et voila, we
have the interface address figured out and use that as src address.

so all you need to do is getting your routes right. from your
description (which leads to the impression that your ISP makes you use
a pretty strange setup) you'll need to set the nexthop to your ISP's
address on that other vlan in your bgpd.conf - look for "set nexthop"
in bgpd.conf.5

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Reply via email to