On Fri, 25 Jan 2002 kuznet@xxxxxxxxxxxxx wrote:
> > Yes, it is a complicated issue, simple setup:
> Masquerading to different sources depending on multipath selection? Right?
> Well, it is exactly the situation when multipath is illegal.
> It is legal only when different hands of multipath bring the same
> packet to the same destination.
> Please, do not try to bring statefullness of any kind to routing.
> Especially, taking into account that the same thing can be made
> if you sync to state internal to masquerading with an fwmark.
> Seems, your "lsrc" is just a second fwmark.
In fact, the masquerade connections will have the right to call
ip_route_input providing lsrc. This is the only valid way to support
masquerade through different ISPs with multipath (the route has no
preferred source, the first primary IP is used). You are right, the
multipath route has distinct paths but the lsrc solves this problem,
there are no other issues. Routers NAT-ing through different ISPs are
a good thing to support. The users buy two or more ADSLs and achieve
Julian Anastasov <ja@xxxxxx>