Linux policy routing issue (am I tripping over a kernel bug?)
I'm having an unusual problem with a Policy Routing setup. I have a
combination of IPtables and Policy Routing rules that force certain
protocols out one interface and other protocols out the other interface.
The problem is that SNMP traps are exiting the correct interface, but
with the IP address of the other interface!
Furthermore, the situation only occurs if the destination is not local.
If the destination is local, the packet exits the correct interface with
the correct source IP. If the destination is via a gateway, then the
packet exits via the correct interface, but with the wrong source IP.
I'm at a loss. The rules and routes all appear to work correctly, it's
just the final assignment of the source IP that seems to be wrong. It
appears to me that I've found a bug in the kernel, but I'm not sure. Any
clues or further things to look at would be very helpful.
Thanks in advance,
I'm running kernel 22.214.171.124 on a custom distribution.
Here's the route rules and route tables: (I've simplified the setup for
$ iptables -L -t mangle
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
MARK tcp -- anywhere anywhere tcp dpt:162
MARK set 0x1
$ ip rule list
0: from all lookup 255
2000: from all fwmark 0x1 lookup 1
32766: from all lookup main
32767: from all lookup default
(I know that route table 1 is being selected since I can change these
routes and the result changes as expected)
$ ip route list table 1
192.168.105.0/24 dev bond2 scope link src 192.168.105.79
default via 192.168.105.6 dev bond2 src 192.168.105.79
(note that even though the route specifies a "src 192.168.105.79" and
the cache entry shows the correct "via" address, the "from" address is
$ ip route list cache
192.168.100.254 from 192.168.123.79 via 192.168.105.6 dev bond2
cache (null) 1500 ssthresh 1460 advmss 64