albert-lopez
commented
5 years ago We need a different table for each iface to add the associated default address. This is the way we use to do traffic balancing between several interfaces. We have done a quick fix to mitigate your requirements. Now, the table number / priority is calculated with the iface index plus RULE_IFACE_BASE_TABLE_PRIORITY. This value is set to 10 and is defined in the file routing_tables_lib.h. If you need bigger values you can recompile the code changing this value. You can find this fix in the testing branch
Currently oor/data-plane/tun/tun.c always adds several policy routing rules. These are good for most standard systems, but sometimes give the opposite result when applied to complex network configurations.
Especially because the rules are such high-priority! Why does tun_add_datap_iface_addr() even use
iface->iface_indexas the priority value? For example, after starting oor I end up with this rule:2: from 2a01:6f0:ffff:1::2 lookup 2– which forces everything through the default gateway ignoring my tunnel and VPN routes.Meanwhile, the rules from tun_register_lcl_mapping() are harmless... as long as they're cleaned up on shutdown. (Unfortunately current kernels don't check for duplicates, so every time oor crashes/restarts the rule list grows...)
So there should be an option to disable the two sets of policy rule additions, or at least to customize the rule priority used in tun_add_datap_iface_addr().