-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "der" == der Mouse <mouse@Rodents.Montreal.QC.CA> writes:
    >> I want to do source address based routing for some particular IPs.

    der> I have a pseudo-interface driver that does exactly this:

    der> [Truly-Delicious - root] 75> netstat -rn -f inet | egrep srt0
    der> default 10.0.0.1 UGS 3 468844 1500 srt0 10.0.0.1 216.46.0.70 UH 1 0
    der> 1500 srt0

  Thanks for the heads up. This sounds useful in other contexts.

  In this context we actually have three transit ISPs connected, plus
peering at an interchange. We have both provider independent addresses
and provider dependant addresses. We have a full routing table.

  We actually want to always route the provider dependant addresses back
to the provider. This is mostly due to emergency access and bandwidth issues
for certain services. We actually want even finer control... some things
should just respect the routing table and go out to the IX.
  
  There is some issue that we are tracking, somewhere between 50K and
118K routes, something weird happens, and the IPF stuff doesn't work
for one set of addresses, but does for another.
  
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPkx/xYqHRg3pndX9AQFocwP9HqV5Y98y+maeuAj0DeT6rBLZUlxHSPCO
EXd31htLZfa2ZJP0hV6IKXFEzVEMVACi6WG/e5lmd5BVDJW99ICJnswc7MZ41Jee
RyTuuEbC6INrelBxnWd73eKA+Pfi7beibcpGYj5U5GQABM2iIPrQPFi9qkI55eW6
vB+zf/aHvf4=
=TDPz
-----END PGP SIGNATURE-----