Incoming Network Packets Discarded on Non-Gateway Interface
(Doc ID 1269099.1)
Last updated on MAY 26, 2021
Applies to:Linux OS - Version Oracle Linux 5.5 and later
Oracle Cloud Infrastructure - Version N/A and later
After installing Unbreakable Enterprise Kernel (OL5) 2.6.32.x, networks accessed through the non-default gateway cannot be accessed. If the kernel is changed back to EL5 (2.6.18.x), network routing works as expected. If the default gateway is changed, the networks previously unreachable can be reached, but the networks on the previous default gateway cannot.
An example of a network configuration that exhibits the problem:
A ping from "source" (at the bottom) to the system under test (SUT) at the top is made. The default route for both "source" and "SUT" is "RA", the node on the left. Both RA and RB forward packets between both interfaces; "SUT" does not forward packets between its interfaces.
With the above configuration, "source" can ping both the IP addresses of both "RA" and "RB". It can also ping 10.3.76.99 in "SUT". However, it cannot ping 10.x.65.99 in "SUT" because there is no route to the 10.x.65.0/24 network. However, a ping to "source" (10.x.105.99) from "SUT" will work.
With the default route through RA (so that the ICMP ECHO response goes back the way it came) the ping to 10.x.76.99 in "SUT" works with both 2.6.18 and 2.6.32 kernels.
With the default route through RB (so that the ICMP ECHO response goes back through RB rather than RA) the ping to 10.x.76.99 in "SUT" works with the 2.6.18 kernel, but not with the 2.6.32 kernel.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document