I would like to validate a CHR setup that requires 2 IPv4 addresses on the same nic.
for isolation consideration we set ip adresses with /32 netmask
the IP 169.254.10.1/32 give the connectivity to the GW IP 169.254.10.6 and publique IP is used for internet routing stuff
the default gw is sourced with pub IP to grant CHR internet connectivité naturally (without nat)
Code: Select all
[test@test] > ip/address/print
# ADDRESS NETWORK INTERFACE
1 82.abc.def.241/32 82.abc.def.241 ether3-INTERCO-PUB
2 169.254.10.1/32 169.254.10.6 ether3-INTERCO-PUB
Code: Select all
[test@test] > ip/route/print
# DST-ADDRESS GATEWAY DISTANCE
1 As 0.0.0.0/0 169.254.10.6 1
...
the result is a success, all working as expect
However, I need to be sure that CHR will never choose the public ip as ARP src-ip when private is available
so for comparison I did the same test on a linux (debian)
By default linux kernel arbitrarely choose private or public IP at boot for ARP annoucements , so it break my setup
And why it doesnt prefer one ip over the other is because the kernel have no idea which IP need to be prefered
intuitively, we might think that the connected route 169.254.10.6/32 src 169.254.49.1 would do the job, but it doesn't !
it's still possible to force preference with the following configuration :
the private address must have a network that includes the GW ip (enlarge netmask -> 169.254.49.1/23 to include GW ip 169.254.10.6)
set sysfs arp_announce=2 to ensure that the private IP will be prefered for arp announces when it is available
With this settings it fully works
to make sure my setup is fully reliable, I'd like to understand how routerOS ensures that private IP will be prefered for arp announces when the 2 addresses are in /32
best regards
maxime