[homenet] Source-specific routes in Linux [was: atomic updates...]

Ole Troan otroan at employees.org
Wed May 8 06:58:52 EDT 2013


>>> We have switched to RA-Handling in userspace for similar reasons
>>> already so I guess it's only the next logical step to create separate
>>> routing tables for each upstream interface to do source-based routing
>>> and filter out ULA-traffic on this layer instead of through iptables.
>> don't do it per upstream interface, that wouldn't work. per next-hop
>> might. the draft suggests a single table with source constrained
>> routers and backtracking.
> Ah yes, thanks for the hint. Please correct me if I got this wrong: I guess per interface would be problematic if there are multiple routers on the upstream link offering different prefixes. However, in case of prefix delegation via DHCPv6-PD like on usual home ISP connections, would it not be problematic to attribute the prefix to any specific router? - if there would be multiple routers, which I guess is unlikely in that situation. One could maybe attribute the prefix to the source address of the DHCPv6 server, but that sounds problematic to me as well. Hmm, did I miss something or am I completely on the wrong track now?

at least we're on the same track (and I think the correct one). ;-)

on the border router this is quite simple. if a border router uses PD and it discovers a default router on the same interface,
that will result in a SADR route (S, D) -> interface, next-hop. where S is PD prefix, D is ::/0, interface is the interface the PD was received
on and next-hop is whatever router discovery came back with.

the issue is with internal routers, where you may have an internal router connected to two exits on the same link, or behind another
IR that is connected to both..., i.e. arbitrary topology. 
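
Added example, not part of the original message or of any project's code: a small model of the (S, D) -> interface, next-hop table described above, with a lookup that matches the destination first, then the source, and backtracks to a shorter destination prefix when no entry there admits the source. The lookup order is an assumption about how "source constrained routes and backtracking" is meant; the prefixes, interface names and next-hops are constructed.

```python
import ipaddress as ip

def pd_route(pd_prefix, iface, next_hop):
    """Border-router rule from the message: (S=PD prefix, D=::/0) -> iface, next-hop."""
    return (ip.ip_network(pd_prefix), ip.ip_network("::/0"), iface, next_hop)

def lookup(table, src, dst):
    """Return (iface, next_hop) for a packet, or None if no route admits its source."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    by_dst = {}
    for s, d, iface, nh in table:
        if dst in d:                      # group candidates by destination prefix
            by_dst.setdefault(d, []).append((s, iface, nh))
    # Try the longest destination prefix first; backtrack to shorter ones.
    for d in sorted(by_dst, key=lambda n: n.prefixlen, reverse=True):
        fits = [e for e in by_dst[d] if src in e[0]]
        if fits:                          # most specific source constraint wins
            _, iface, nh = max(fits, key=lambda e: e[0].prefixlen)
            return iface, nh
    return None                           # e.g. ULA source towards the Internet

# Constructed table: two delegated prefixes, each learned on its own uplink.
TABLE = [
    pd_route("2001:db8:a::/48", "wan0", "fe80::1"),
    pd_route("2001:db8:b::/48", "wan1", "fe80::2"),
    # A more specific destination that is only reachable with ISP B's prefix.
    (ip.ip_network("2001:db8:b::/48"), ip.ip_network("2001:db8:ffff::/48"),
     "wan1", "fe80::2"),
    # Internal ULA destinations: no source constraint.
    (ip.ip_network("::/0"), ip.ip_network("fd00::/8"), "lan0", None),
]

if __name__ == "__main__":
    for src, dst in [("2001:db8:a::10", "2001:4860::1"),
                     ("2001:db8:a::10", "2001:db8:ffff::1"),
                     ("fd12::1", "2001:4860::1")]:
        print(src, "->", dst, ":", lookup(TABLE, src, dst))
```

A ULA source has no matching exit route, so traffic from it towards the Internet is dropped by the routing lookup itself, which is the filtering effect mentioned in the quoted text.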

