Hi, FreeBSD DCO has the open issue of "iroute with the same netmask as route, so we want metric/weight/... to differenciate"
On Mon, Aug 22, 2022 at 02:55:09PM +0200, Kristof Provost wrote:
> But:
>
> $ sudo route add 172.16.2.0/24 10.0.2.1
> add net 172.16.2.0: gateway 10.0.2.1
> $ sudo route add 172.16.2.0/24 -weight 2 10.0.2.254
> add net 172.16.2.0: gateway 10.0.2.254
I tried patching networking_freebsd.c the way you suggested, and it
seems to work "halfway". That is...
2022-10-06 17:26:35 us=684854 freebsd-74-amd64/2001:608:0:814::f000:3
/sbin/route add -net 10.114.201.0/24 10.114.2.2 -fib 0 -weight 16777115
add net 10.114.201.0: gateway 10.114.2.2 fib 0: route already in table
2022-10-06 17:26:35 us=695547 freebsd-74-amd64/2001:608:0:814::f000:3
/sbin/route -6 add -net fd00:abcd:114:201::/64 fd00:abcd:114:2::1000 -fib 0
-weight 16777115
add net fd00:abcd:114:201::/64: gateway fd00:abcd:114:2::1000 fib 0: route
already in table
... it takes the command, but still refuses to create the routes.
$ netstat -rn --libxo json | jq
tells me...
{
"destination": "10.114.201.0/24",
"gateway": "10.114.2.2",
"flags": "UGS",
"flags_pretty": [
"up",
"gateway",
"static"
],
"weight": 1,
"interface-name": "tun1"
},
{
"destination": "fd00:abcd:114:201::/64",
"gateway": "link#5",
"flags": "US",
"flags_pretty": [
"up",
"static"
],
"weight": 1,
"interface-name": "tun1"
},
For IPv6, we definitely have "different weight, different gateway", so
I'd expect this to work.
For IPv4, this is a bit of a nuisance - the client in question happens
to be the *first* client in ipp.txt (= .2), and that's what OpenVPN picks
for the "route" gateway too... so, "different weight, same gateway".
Now, bumping the "first client" via ipp.txt to the .4 address gives
me a whole new sleigh of interesting problems...
2022-10-06 17:36:05 us=447754 freebsd-74-amd64/2001:608:0:814::f000:3
/sbin/route add -net 10.114.200.74/32 10.114.2.4 -fib 0 -weight 16777115
route: writing to routing socket: Network is unreachable
add net 10.114.200.74: gateway 10.114.2.4 fib 0: Network is unreachable
... which, I think, is because the interface is flagged as "pointtopoint",
and .4 is off-net...
$ ifconfig tun1
tun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 10.114.2.1 --> 10.114.2.2 netmask 0xffffff00
inet6 fd00:abcd:114:2::1 prefixlen 64
inet6 fe80::250:56ff:fe9c:41b%tun1 prefixlen 64 scopeid 0x5
groups: openvpn
So, started out with one solution, now I have two new problems...
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
