tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: npf and carp



On Thu, May 28, 2015 at 07:31:15AM -0600, Brook Milligan wrote:
> On May 27, 2015, at 3:10 PM, Mindaugas Rasiukevicius wrote:
> > Indeed, the traffic looks asymmetric.  The packet filters (not only NPF)
> > see the outgoing packets on the physical interface.  It is reset here:
> > 
> > http://nxr.netbsd.org/xref/src/sys/net/if_ethersubr.c?r=1.209#222
> 
> Would this also cause routing loops?  I had tried setting up a router with a carp interface and ran into all sorts of routing issues.  I was not entirely confident that I had it configured correctly, but now I suspect the problems might have been because packets were being given different addresses than I expected and thereby confusing the rest of the network.  Is that a possible outcome of the way the network stack currently handles carp interfaces?

I'm using carp on a router with 20 or so interfaces, without problems.
But I'm using only inboud filtering, no outbound.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--


Home | Main Index | Thread Index | Old Index