On Fri, 26 Apr 2002, Adrian Chung wrote:

> When you add a route that sets a src like:
>
>   ip route add table <table> 192.168.1.0/24 src 192.168.1.11 dev eth0
>
> The "src" doesn't specify the source IP to put in the packet (it's not
> network address translation, like SNAT in iptables), it just specifies
> which local source IP the routing mechanisms should use to determine
> where to route the packet.

Actually, it is more subtle than that. The 'src' *does* specify the
source IP to put in the packet *if* the packet doesn't have a source IP
yet. This only holds true for packets generated locally.

> For example, I've got policy routing set up with FreeS/WAN on a gateway
> with an internal and external interface, where I do:
>
>   # ip rule add table 1 prio 100
>   # ip route add table 1 <remoteLAN> dev ipsec0 src <localIP>
>
> This forces the box to route all packets to the remote LAN via the
> internal interface, rather than the external interface.
>
> However, the packets that show up at the other end don't contain a
> source IP of <localIP> from the table 1 route, rather they contain the
> source IP of the client machine that sent them.

> This led me to believe that the "src" option only adjusts the way the
> routing machinery in the kernel decides where and how to route the
> packet, but doesn't change/rewrite the source address in the packets
> themselves.

It does not. The ip rule does that. Routing does not mangle packets,
unless the packet is locally generated and incomplete.

Doei, Arthur.

-- 
  /\    / |      arthurvl@sci.kun.nl      | Work like you don't need the money
 /__\  /  | A friend is someone with whom | Love like you have never been hurt
/    \/__ | you can dare to be yourself   | Dance like there's nobody watching
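
The distinction drawn in the reply above can be observed from user space on Linux. This is an added example, not part of the original thread: a locally created socket with no source address gets one from the route lookup, while a socket that already has a source keeps it, which is the same position a forwarded packet is in. It assumes a Linux host with the loopback interface up (where all of 127.0.0.0/8 is local); `source_for` and `demo` are names made up for this sketch.

```python
import socket


def source_for(dest, bind_to=None, port=9):
    """Return the source IP the kernel would put in a UDP datagram to dest.

    connect() on a UDP socket sends nothing; it only performs the route
    lookup and, if the socket has no source address yet, fills one in
    from the selected route (its preferred source, the "src" attribute).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        if bind_to is not None:
            # The "packet" now already has a source address, like a
            # forwarded packet arriving from a client machine.
            s.bind((bind_to, 0))
        s.connect((dest, port))
        return s.getsockname()[0]


def demo():
    dest = "127.0.0.1"  # constructed sample destination, always routable via lo
    # Case 1: locally generated, source not set -> routing chooses it.
    unbound = source_for(dest)
    # Case 2: source already set -> routing leaves it alone.
    # 127.0.0.2 is a constructed sample address (assumption: Linux treats
    # the whole 127.0.0.0/8 range as local, so no configuration is needed).
    bound = source_for(dest, bind_to="127.0.0.2")
    return unbound, bound


if __name__ == "__main__":
    unbound, bound = demo()
    print("no source set, kernel picked:", unbound)
    print("source preset, kernel kept:  ", bound)
```

On a host with a route that carries `src`, calling `source_for()` with a destination covered by that route shows the configured address in the first case only.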