Re: working example setup for source-based routing with ipfilter?

To: tech-net%NetBSD.org@localhost
Subject: Re: working example setup for source-based routing with ipfilter?
From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
Date: Wed, 13 Jul 2011 11:28:58 -0400 (EDT)

> The idea is to route outgoing packets to the interface that would
> receive their source addresses (else my upstreams would filter them).

That kind of routing is exactly what srt interfaces are for.  I just
now looked, and the version in the 5.1 source tarballs appears to at
least try to support INET6.  NetBSD's version is missing a change that
makes it cooperate with "keep state" style firewalling (eg, most NAT
setups), but that is unlikely to matter for v6.  However, it may be
effectively unmaintained; it doesn't seem to have real locking calls in
it, and might not work right on little-endian machines - comparing it
against my version I see an ntohl which I think I added when I started
using it on i386 (for most of its existence I was using it on sparc).

Still, might be worth trying.

Of course, if you have some reason for wanting to do this with ipfilter
in particular, then ignore me. :-)

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse%rodents-montreal.org@localhost
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Follow-Ups:
- Re: working example setup for source-based routing with ipfilter?
  - From: is

References:
- working example setup for source-based routing with ipfilter?
  - From: is

Prev by Date: working example setup for source-based routing with ipfilter?
Next by Date: Re: working example setup for source-based routing with ipfilter?
Previous by Thread: working example setup for source-based routing with ipfilter?
Next by Thread: Re: working example setup for source-based routing with ipfilter?
Indexes:

Home | Main Index | Thread Index | Old Index