iptables/advanced routing

• Next message: Richard Gooch: "Re: OOPS[devfs]: reproducible in vfs_follow_link 2.4.9,2.4.10-pre4"
• Previous message: Davide Libenzi: "[PATCH] /dev/epoll update ..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.4.2-ac3
ip rule : many rules
ip route: several tables
doing nat, tunnels, source address based routing, QoS

Problems:

1. ICMP packets do not pass advanced routing rules and tables, take default
route and associated outgoing source address from main table.
        1. nat tunnel icmp fragmentation gets correct source address but bad
        route
        2. non-nat generated icmp gets also source address from main table.
        3. itf main table does not have default, icmp source address decision
        could go trough rules.

2. iptables does not accept SNAT in PREROUTING chain. Which makes ip rule
tables very long, much longer than it could be if source address would be
changed before routing.

• application/octet-stream attachment: stored

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Richard Gooch: "Re: OOPS[devfs]: reproducible in vfs_follow_link 2.4.9,2.4.10-pre4"
• Previous message: Davide Libenzi: "[PATCH] /dev/epoll update ..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Sep 07 2001 - 21:00:42 EST