On 10/3/17 8:58 PM, Eyal Birger wrote: > Hi David, > > On Wed, Oct 4, 2017 at 12:54 AM, David Miller <[email protected]> wrote: >> From: Shmulik Ladkani <[email protected]> >> Date: Sat, 30 Sep 2017 11:59:09 +0300 >> >>> This leads to inconsistencies, depending on order of operations, e.g.: >> >> I don't see any inconsistency. When you insert using NLM_F_EXCL the >> insertion fails if any existing rule matches or overlaps in any way >> with the keys in the new rule. >> >> Sorry I'm not going to apply this. > > The inconsistency we saw is that 0.0.0.0/0 is treated differently compared to > all other subnets - for which overlaps are not disallowed - e.g. this > succeeds: > > # ip ru add from 10.0.0.0/8 iif eth2 pref 33 table 33 > # ip ru add from 0.0.0.0/1 iif eth2 pref 33 table 33 > # ip ru add from 128.0.0.0/1 iif eth2 pref 33 table 33 > > Though being functionally equivalent to adding from=0.0.0.0/0. > > So our understanding was that 'different subnet==different rule', similar to > the > route addition behavior with NLM_F_EXCL. >
I agree with DaveM ... your "non-working" sequence has a specific entry followed by a global, match all entry.
