GNOME Bugzilla – Bug 709478
support source-based routing
Last modified: 2020-11-12 14:34:42 UTC
I have just spoken to Ondřej Caletka (in Cc) at LinuxDays 2013 Prague who advocates Multipath TCP. The only prerequisite for using multipath TCP in applications is to generate routing policies for interfaces. That way the host is capable of answering connections from alternative default routes belonging to interfaces that have not been chosen by nm-policy to act as default routing interfaces.

For each supported interface, NetworkManager needs to:

1) Add a separate routing table with *all* address-based routes, configured static/dynamic routes and the default route (which could not be added to the main routing table for non-default interfaces).

2) Add a high-priority routing rule (with lower priority value than the auto-generated rule for the main table) to choose the respective routing table based on a source address belonging to that interface (for multiple addresses multiple rules are needed).

Example setup (via iproute):

    ip -4|-6 rule add prio 1000 from $ADDRESS table $TABLE

ADDRESS: Each global IP address added to the interface.
TABLE: Per-interface routing table.
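The per-interface setup from the description above, as an added example that is not part of the original report or of NetworkManager: a dry-run shell function that prints the iproute2 commands for one interface. The table number, the `ADDRESS=PREFIX` argument format and the sample addresses are assumptions; routes use `ip route replace` so the plan can be re-applied.

```shell
#!/bin/sh
# Added example: prints the commands instead of running them (no root needed).
# Usage: policy_plan IFACE TABLE PRIO GW4 GW6 ADDRESS=PREFIX...
#   GW4/GW6: default gateway per family, or "-" if there is none.
#   ADDRESS=PREFIX: an interface address and its on-link prefix.
MAIN_RULE_PRIO=32766   # priority of the kernel's built-in "lookup main" rule

policy_plan() {
    iface=$1; table=$2; prio=$3; gw4=$4; gw6=$5
    shift 5
    # The source rule must sort before the main-table rule to take effect.
    if [ "$prio" -ge "$MAIN_RULE_PRIO" ]; then
        echo "prio $prio must be lower than $MAIN_RULE_PRIO" >&2
        return 1
    fi
    emitted=""
    for pair in "$@"; do
        addr=${pair%%=*}; prefix=${pair#*=}
        case $addr in
            fe80:*) continue ;;             # link-local, not a global address
            *:*) fam=-6; gw=$gw6 ;;
            *)   fam=-4; gw=$gw4 ;;
        esac
        # Default route: once per address family, inside the per-interface table.
        case " $emitted " in
            *" $fam "*) ;;
            *)  emitted="$emitted $fam"
                if [ "$gw" != "-" ]; then
                    printf 'ip %s route replace default via %s dev %s table %s\n' \
                        "$fam" "$gw" "$iface" "$table"
                fi ;;
        esac
        # Address-based (on-link) route, then one source rule per address.
        printf 'ip %s route replace %s dev %s table %s\n' \
            "$fam" "$prefix" "$iface" "$table"
        printf 'ip %s rule add prio %s from %s table %s\n' \
            "$fam" "$prio" "$addr" "$table"
    done
}

# Constructed sample: wlan0 with one IPv4 and one IPv6 address (documentation ranges).
policy_plan wlan0 101 1000 192.0.2.1 fe80::1 \
    192.0.2.10=192.0.2.0/24 2001:db8:1::10=2001:db8:1::/64 fe80::aa=fe80::/64
```

Review the printed plan before piping it to a root shell; `ip rule add` is not idempotent, so existing rules for the same source address should be deleted first.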
Here is a link including example configuration for MultiPath TCP - http://multipath-tcp.org/pmwiki.php/Users/ConfigureRouting
Just want to record some ideas here. Please treat it as random thoughts related to this feature, nothing more.

First of all there's an alternative way of using (something like) connection tracking directly in the kernel (not NetworkManager) keeping track of the incoming routes of incoming connections and reusing those for outgoing packets of those incoming connections. That could be turned on/off per-interface or maybe even using an iptables target.

And there's another thing. While MPTCP is most often viewed as end-to-end, it may easily happen that if the application is for example just moved from a physical host to a virtual one running on it, even if the virtual host had multiple addresses (even on multiple interfaces), the physical host would typically not handle forwarded packets in the same way as input/output packets. Therefore the effect of MPTCP physically going through different connections could possibly be lost.
IIRC if you configure source-based routes then you don't need to use a separate routing table
(In reply to comment #3)
> IIRC if you configure source-based routes then you don't need to use a separate
> routing table

Any links, please?
See also: https://bugzilla.gnome.org/show_bug.cgi?id=723178
(In reply to comment #4)
> (In reply to comment #3)
> > IIRC if you configure source-based routes then you don't need to use a separate
> > routing table
>
> Any links, please?

Ferry seems to claim there is something called source-based routes in the kernel which work without split routing tables but I couldn't confirm that.
(In reply to comment #6)
> (In reply to comment #4)
> > (In reply to comment #3)
> > > IIRC if you configure source-based routes then you don't need to use a separate
> > > routing table
> >
> > Any links, please?
>
> Ferry seems to claim there is something called source-based routes in the
> kernel which work without split routing tables but I couldn't confirm that.

source based routes and/or routing subtrees
(In reply to Pavel Simerda from comment #6)
> (In reply to comment #4)
> > (In reply to comment #3)
> > > IIRC if you configure source-based routes then you don't need to use a separate
> > > routing table
> >
> > Any links, please?
>
> Ferry seems to claim there is something called source-based routes in the
> kernel which work without split routing tables but I couldn't confirm that.

The option is CONFIG_IPV6_SUBTREES, and the feature works since kernel 3.11 (it's broken/unusable in older versions). I've just tested it on 4.9 and it seems pretty simple – you just specify RTA_SRC with the source subnet when adding the default route. For example:

    ip -6 route add ::/0 from 2002:cb00:7100::/64 via fe80::12:34 dev eth0
    ip -6 route add ::/0 from 2001:db8:db8::/64 via fe80::45:78 dev wlan0

Would be great to see this in NM.
wow! this is great! ...but it doesn't seem to be working for me for ipv4 - the "from xxx" part is just ignored and does not show up in the final route. :-( for ipv6 it works fine... ...any ideas (examples) how to make it work? thanks!
source based routing only works for ipv6. For ipv4 policy routing needs to be configured, which probably is not very realistic to expect of NM (just guessing)
bugzilla.gnome.org is being shut down in favor of a GitLab instance. We are closing all old bug reports and feature requests in GNOME Bugzilla which have not seen updates for a long time. If you still use NetworkManager and if you still see this bug / want this feature in a recent and supported version of NetworkManager, then please feel free to report it at https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/ Thank you for creating this report and we are sorry it could not be implemented (workforce and time is unfortunately limited).