dhcpcd-discuss

Home Other Lists Thread Index Date Index Search
Thread Prev Thread Next Date Prev Date Next Thread Index Date Index

Re: Option 121 Classless Static Routes

Neal P. Murphy

Thu Apr 05 15:40:57 2018
Aside, does the RFC provide a way to specify metrics for default routes? Technically, Linux *can* have multiple default routes. But they have to have different metrics so Linux will know which one to use as any given time.

Static routes work well enough for (nearly) trivial internetworks. But they become unmanageable as complexity increases. That's why routing daemons and protocols were invented; but these reduce security (imagine a rogue host pushing/advertising a route to internet--through a teredo tunnel or via cellular data link--that bypasses the perimeter firewall). With neither routing daemons/protocols nor static routes, the only option is to employ hairpin routing on default gateways. This works, but can double the traffic on various links (e.g., traffic from .1.120/24 to .56.4/24 goes to the default gateway .1.1 which immediately sends it right back out the same link to .1.254 which is the gateway to .56.0/24); not as elegant or as efficient as having proper routes.

But is it worth adding such complexity to dhcpcd?

N


On Thu, 5 Apr 2018 13:31:16 +0000
Roy Marples <roy@xxxxxxxxxxxx> wrote:

> On 05/04/18 08:50, Roy Marples wrote:
> > Hi Paul
> > 
> > On 04/04/2018 23:49, Walrath, Paul wrote:  
> >> In the 7.0.0-rc2 release notes you list “dhcp: fixed classless static 
> >> routes”.  Do you remember what was fixed?  I am using version 6.9.1G. 
> >> In this version, not all of the routes in Option 121 seem to end up in 
> >> the routing table.
> >>
> >> As a test, I had my DHCPv4 server send Option 121 as follows 
> >> (Wireshark trace):
> >>
> >> Option: (121) Classless Static Route
> >>
> >>      Length: 36
> >>
> >>       192.168.10.0/24-192.168.10.1
> >>
> >>       192.168.10.1/32-0.0.0.0
> >>
> >>       192.168.20.0/24-192.168.20.1
> >>
> >>       192.168.20.1/32-0.0.0.0
> >>
> >>      default-192.168.2.2
> >>
> >>       default-192.168.2.3
> >>
> >>       default-192.168.2.4
> >>
> >>       default-192.168.2.5
> >>
> >> The extra default gateways are there just to see what dhcpcd would do 
> >> with them.  
> > 
> > Wow! That's complex. I've never tested beyond a simple setup.
> > I'll do similar on my server and see what happens.
> >   
> >>
> >> The dhcpcd client added the following routes to the routing table:
> >>
> >> Destination/Gateway/Genmask
> >>
> >> 0.0.0.0/192.168.2.2/0.0.0.0
> >>
> >> 192.168.2.2/0.0.0.0/255.255.255.255
> >>
> >> 192.168.10.1/0.0.0.0/255.255.255.255
> >>
> >> 192.168.20.1/0.0.0.0/255.255.255.255
> >>
> >> Shouldn’t the following routes also have been added?
> >>
> >> 192.168.10.0/255.255.255.0/192.168.10.1
> >>
> >> 192.168.20.0/255.255.255.0/192.168.20.1
> >>
> >> Is this what was fixed in 7.0.0-rc2?  
> > 
> > No, I'm pretty sure it wasn't that. The fix is here:
> > https://roy.marples.name/git/dhcpcd.git/commit/?id=510c760cb24ef4b1b16cc14732c5ffe0fbb0d96d 
> > 
> > 
> > Also, it won't apply to dhcpcd-6 because one of the goals in dhcpcd-7 
> > was to move to a protcol agnostic routing setup which means a lot less 
> > code to maintain.
> > 
> > I'll try and test with dhcpcd-7 tonight as I have my kids birthday party 
> > all day today.  
> 
> And the result with dhcpcd-7.0.2:
> wlp6s0: adding IP address 10.73.2.30/24 broadcast 10.73.2.255
> wlp6s0: using Classless Static Routes
> wlp6s0: router 192.168.2.2 requires a host route
> wlp6s0: adding route to 10.73.2.0/24
> wlp6s0: adding host route to 192.168.10.1
> wlp6s0: adding route to 192.168.10.0/24 via 192.168.10.1
> wlp6s0: adding host route to 192.168.20.1
> wlp6s0: adding route to 192.168.20.0/24 via 192.168.20.1
> wlp6s0: adding route to 192.168.2.2/32
> wlp6s0: adding default route via 192.168.2.2
> 
> Notice I swapped the routes a bit so the host route to the router 
> appears before the subnet route via it.
> 
> For more than once default router, dhcpcd will always make sure it works 
> even if it needs to add a host route for it. I just added a cosmetic fix 
> so it's reported correctly like so:
> 
> wlp6s0: using Classless Static Routes
> wlp6s0: router 192.168.2.2 requires a host route
> wlp6s0: adding route to 10.73.2.0/24
> wlp6s0: adding host route to 192.168.10.1
> wlp6s0: adding route to 192.168.10.0/24 via 192.168.10.1
> wlp6s0: adding host route to 192.168.20.1
> wlp6s0: adding route to 192.168.20.0/24 via 192.168.20.1
> wlp6s0: adding host route to 192.168.2.2       <--- fix is here
> wlp6s0: adding default route via 192.168.2.2
> 
> And here's the routing table:
> $ ip r
> default via 192.168.2.2 dev wlp6s0 proto dhcp src 10.73.2.30 metric 303
> 10.73.2.0/24 dev wlp6s0 proto dhcp scope link src 10.73.2.30 metric 303
> 192.168.2.2 dev wlp6s0 scope link src 10.73.2.30 metric 303
> 192.168.10.0/24 via 192.168.10.1 dev wlp6s0 proto dhcp src 10.73.2.30 
> metric 303
> 192.168.10.1 dev wlp6s0 proto dhcp scope link src 10.73.2.30 metric 303
> 192.168.20.0/24 via 192.168.20.1 dev wlp6s0 proto dhcp src 10.73.2.30 
> metric 303
> 192.168.20.1 dev wlp6s0 proto dhcp scope link src 10.73.2.30 metric 303
> 
> 
> Roy
>
Follow-Ups:
Re: Option 121 Classless Static RoutesRoy Marples
References:
Option 121 Classless Static RoutesWalrath, Paul
Re: Option 121 Classless Static RoutesRoy Marples
Re: Option 121 Classless Static RoutesRoy Marples
Archive administrator: postmaster@marples.name