netdev
[Top] [All Lists]

Re: [RFC] MASQUERADE / policy routing ("Route send us somewhere else")

To: Harald Welte <laforge@xxxxxxxxxxxxx>
Subject: Re: [RFC] MASQUERADE / policy routing ("Route send us somewhere else")
From: "David S. Miller" <davem@xxxxxxxxxxxxx>
Date: Mon, 30 Aug 2004 19:19:15 -0700
Cc: netfilter-devel@xxxxxxxxxxxxxxxxxxx, rusty@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <20040831013841.GA5824@sunbeam.de.gnumonks.org>
References: <20040830201957.GY5824@sunbeam.de.gnumonks.org> <20040830140729.7309ecc0.davem@davemloft.net> <20040831013841.GA5824@sunbeam.de.gnumonks.org>
Sender: netdev-bounce@xxxxxxxxxxx
On Tue, 31 Aug 2004 03:38:42 +0200
Harald Welte <laforge@xxxxxxxxxxxxx> wrote:

> Thanks for your quick reply, Dave.

Was this one quicker? :)

> > # It can screw up the things a lot. 
> 
> does not really give me an understanding of why and where it might screw
> up. I really want  to fully understand this issue before proposing any
> change.
> 
> > # In this context, if you want to be sure that packet will go out
> > # expected interface you do plain lookup and drop packet if it gave
> > # you some strange route.
> 
> That is the presumption I am about to challenge.  Is the 'original'
> interface really the one we want in this case? 

Good question.

What Alexey appears to be objecting to, exactly, is how Rusty added
a specific output device specifier to the flow key for route lookup.

I think the check can be removed.  If someone screams, we'll revisit.

<Prev in Thread] Current Thread [Next in Thread>