Subject: Re: Routing by source address
To: None <tech-net@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 08/24/2006 19:08:32
> Therefore, I have to tell NetBSD that it should route all packets
> originating from the IP of ISP #1 through the gateway of ISP #1 and
> so on (some kind of routing by source address).

I found myself wanting to do this, so I created something that did it.

It's a pseudo-interface called srt (for Source RouTing).  You point
your route out the srt interface and then use srtconfig to tell the srt
code where to send packets based on their ip_src fields.

Here, for example, is an excerpt from one of my house machines' startup
scripts.  This machine is 216.46.5.1 on the house LAN, where the main
house uplink is managed by 216.46.5.9; it also has the backup house
netlink on ppp0, where its address is 216.46.0.70 and the other end of
the PPP link is 216.46.1.3.  216.46.5.0/28 is overlaid with
10.0.2.0/28, with the same third octet, and it has another Ethernet on
the house non-routed subnet 10.0.1.0/24.

srtconfig srt0 set 0 216.46.5.1 /32 de0 216.46.5.9
srtconfig srt0 set 1 216.46.0.70 /32 ppp0 216.46.1.3
srtconfig srt0 set 2 10.0.2.1 /32 de0 10.0.2.9
srtconfig srt0 set 3 10.0.0.0 /8 ex0 10.0.1.1
ifconfig srt0 216.46.5.1 10.0.0.1 netmask 255.255.255.255 up
route add default 10.0.0.1

Thus, the packet flow is:

packet emitted
-> default route to 10.0.0.1
-> sends it out srt0, which ignores the next-hop address (10.0.0.1)
-> the srt code checks ip_src against, in order
  216.46.5.1/32  -> send it out de0, addressed to 216.46.5.9
  216.46.0.70/32 -> send it out ppp0, addressed to 216.46.1.3
  10.0.2.1/32    -> send it out de0, addressed to 10.0.2.9
  10/8           -> send it out ex0, addressed to 10.0.1.1
  anything else  -> drop it on the floor

Order is important here, because the srt code checks in order.  If I
found myself using it for anything big, I'd probably steal the radix
tree code and give each srt interface its own radix tree, and pick the
most specific route rather than defining it to check them in order.

You probably can't use the code directly, because it's for 1.4T, but
you're welcome to use the idea.  (For that matter you're welcome to use
the code too, if you find any use for it.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
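
Added example, not part of der Mouse's message and not his srt code: a small user-space C model of the lookup the message describes, comparing the in-order check on ip_src with the most-specific-match alternative it mentions. The struct, function names and the two-entry misordered table are assumptions made for illustration; the four-entry table copies the srtconfig lines above.

```c
/* Added model of the srt lookup; not der Mouse's kernel code. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define IP(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))
struct srt_rt { uint32_t net; int plen; const char *ifname; uint32_t gw; };

static int srt_matches(const struct srt_rt *r, uint32_t src) {
    uint32_t mask = r->plen ? ~(uint32_t)0 << (32 - r->plen) : 0;
    return ((src ^ r->net) & mask) == 0;
}

/* Table order decides: the behaviour the message describes. */
const struct srt_rt *srt_first_match(const struct srt_rt *t, size_t n, uint32_t src) {
    for (size_t i = 0; i < n; i++)
        if (srt_matches(&t[i], src)) return &t[i];
    return NULL;                      /* no entry: drop the packet */
}

/* Most specific prefix wins: the alternative the message mentions. */
const struct srt_rt *srt_longest_match(const struct srt_rt *t, size_t n, uint32_t src) {
    const struct srt_rt *best = NULL;
    for (size_t i = 0; i < n; i++)
        if (srt_matches(&t[i], src) && (!best || t[i].plen > best->plen)) best = &t[i];
    return best;
}

const char *srt_out_if(const struct srt_rt *r) { return r ? r->ifname : "drop"; }
/* Entries 0-3 from the srtconfig lines in the message. */
const struct srt_rt srt_table[4] = {
    { IP(216,46,5,1),  32, "de0",  IP(216,46,5,9) },
    { IP(216,46,0,70), 32, "ppp0", IP(216,46,1,3) },
    { IP(10,0,2,1),    32, "de0",  IP(10,0,2,9) },
    { IP(10,0,0,0),     8, "ex0",  IP(10,0,1,1) },
};
/* Constructed variant: 10/8 placed ahead of 10.0.2.1/32. */
const struct srt_rt srt_misordered[2] = {
    { IP(10,0,0,0),     8, "ex0",  IP(10,0,1,1) },
    { IP(10,0,2,1),    32, "de0",  IP(10,0,2,9) },
};

int main(void) {
    uint32_t src = IP(10,0,2,1);
    printf("in order:   %s\n", srt_out_if(srt_first_match(srt_table, 4, src)));
    printf("misordered: %s\n", srt_out_if(srt_first_match(srt_misordered, 2, src)));
    printf("longest:    %s\n", srt_out_if(srt_longest_match(srt_misordered, 2, src)));
    return 0;
}
```

With the misordered table, the in-order check sends 10.0.2.1 out ex0 instead of de0, while the most-specific match gives de0 regardless of entry order.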