Hi Daniel, I am not completely sure I understand your setup. Is <interface> always Yes, <interface> is always the same NIC, in my particular case is eth0. Just to be clear, this is the routing table with actual values ( 192.168.18.0/24 is the subnet with gateway): 1) 192.168.18.1 dev eth0 2) 8.8.8.8 via 192.168.18.1 dev eth0 3) 192.168.18.0/24 dev eth0 src 192.168.18.103 4) 10.10.10.0/30 dev eth0 src 10.10.10.1 // manually added at boot 5) default via 192.168.18.1 dev eth0 Is <interface> configured to use DHCP? If so what is the I tested both cases and the problem appears both in static and DHCP configuration. IIRC the first rule is added to make sure we can always reach the Okay, but isn't this already guaranteed from rule "number 3"? Isn't rule number 1 repeating information that is already present in rule 3? I commented the line that adds the rule 1 on my connman instance and everything is working fine. When rule 1 is present: ping to gateway at 192.168.18.1 is routed using rule 1, so the source address in the packet is the primary address (which is 10.10.10.1). The gateway doesn't know how to send back a response because he doesn't know subnet 10.10.10.0/30. When rule 1 is not present: In this case, the packet is routed to the gateway using rule number 3, which specifies the right src address and is sufficient to reach the gateway because it is found in that subnet. The gateway responds correctly to the ping packet using as destination 192.168.18.103. I just wonder if rule 1 is really necessary. If that is the case I think it should be modified in (following the example): 192.168.18.1 dev eth0 src 192.168.18.103 Thanks, Andrea Il giorno dom 28 ott 2018 alle ore 19:53 Daniel Wagner <wagi(a)monom.org&gt; ha scritto: > Hi Andrea, > > On 10/23/2018 09:49 AM, Andrea Capirchio wrote: > >> Hi, > >> > >> I am developing an embedded system running connman 1.36 over linux. > >> My system is multi-home, so I have one network interface connected to > >> two subnets that cannot see each other. > >> Assuming that I have a gateway present on "subnet 2" (relative to > >> "address 2"), and that the > >> primary address of the interface is "address 1", that was assigned > >> manually at boot time, I have the following routing table (from $ ip r): > >> > >> 1. <gateway addr> dev <interface> > >> // added by connman > >> 2. <dns addr> via <gateway addr> dev <interface> > >> // added by connman > >> 3. <local subnet2>/<netmask2> dev <interface> src <local address2> > >> // added by connman > >> 4. <local subnet1>/<netmask1> dev <interface> src <local address1> > >> // added manually > >> 5. default via <gateway addr> dev <interface> > >> // added by connman > > While ConnMan monitors the changes no the routing table it wont react on > it. > > >> I think that the first rule is wrong. > > I am not completely sure I understand your setup. Is <interface> always > the same NIC? Is <interface> configured to use DHCP? If so what is the > > >> Explaination: > >> > >> With this configuration, PING from the device to the gateway is not > >> working. > >> This because linux chooses rule number 1 to route the packets to the > >> gateway, but this does not specify the source IP of the interface, so > >> the primary IP is chosen as source address. > >> The primary is the IP relative to "subnet 1" while the gateway can only > >> communicate with IPs from "subnet 2", so the gateway cannot answer to my > >> device. > >> > >> I am considering to patch this, but should the rule be erased? > >> Or if it is useful to some purpose, should I add the src IP to rule > >> number 1? > > IIRC the first rule is added to make sure we can always reach the > Thanks, > Daniel >