Re: Kernel Routing sequence
From: Meelis Roos
Date: Sun Aug 14 2005 - 15:55:36 EST
>> IP address being a part of a IP network is just plain bitwise
>> calculation and has nothing to do with interfaces.
AB> This is obvious, but the fact that the Kernel accepted the packet on
AB> eth0 implies it is either part of 10.0.0.0/8 or 10.0.0.0/24.
No, it does not imply. It only implies that it was either sent via a
router that has a link-level connection to eth0 or from a host that has
a link-level connection to eth0.
AB> Yes, but what if your routing requirements are dynamic based on
AB> src/dest-net/mask? Are you saying it is not possible to make such a
AB> routing decision?
What exactly are you trying to achieve?
>> There is one additional thing you might want to have a look at when
>> you are building routers with asymmetric routing: rp_filter. You
>> might to want to turn it off for the interfaces in questions.
AB> Isn't that the default?
Several distributions turn it on as a security measure (so you can
prevent some kinds of IP spoofing on a gateway host without any
filtering rules). At least Debian does turn it on from my recent
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html