On Fri, 2002-10-25 at 16:24, Arthur van Leeuwen wrote:
> On 25 Oct 2002, Vincent Jaussaud wrote:
>
> > When only one gateway is used to reach remote networks, everything is
> > working just fine. (Whatever gateway we choose to use)
> > Whenever we attempt to activate multipath routing over both gateways,
> > then SSH doesn't work anymore. We can ping, traceroute, telnet, ... but
> > not SSH nor FTP (PASV).
>
> ssh tends to play with TOS fields (and rightly so). Routing is keyed to the
> *triple* (src, dst, tos), something that most people (including me) normally
> forget. However, in this particular case that may be the reason for your
> ssh's breaking.
>

Hmm... that's really interesting. Thanks for the pointer. I remember now
that I've read something regarding SSH & TOS field some days ago. If I'm
right, it uses the Minimum Delay TOS value.

Now, how am I supposed to deal with this TOS issue? What TOS value should
do the trick? I'm using a 2.2 kernel with ipchains.

> The reason for FTP breaking possibly has to do with packets for
> the control connection going out the one gateway and for the data going
> out the other... but this is speculation on my part.

That sounds wise. However, routes are supposed to be cached using the src
IP field as well (if I'm not mistaken), so that every packet coming from
a particular IP is likely to take the same route as the others.
Am I wrong?

A BIG Thanks for your reply :-)

Cheers,
Vincent.

>
> Doei, Arthur.
>
> --
>   /\    / |      arthurvl@sci.kun.nl      | Work like you don't need the money
>  /__\  /  | A friend is someone with whom | Love like you have never been hurt
> /    \/__ | you can dare to be yourself   | Dance like there's nobody watching

--
Vincent Jaussaud
Kelkoo.com Security Manager
email: tatooin@kelkoo.com

"The UNIX philosophy is to design small tools that do one thing, and do
it well."
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
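A simplified model of the (src, dst, tos) route keying discussed in the message above, added here as an illustration; it is not part of the original thread and not kernel code. It assumes a two-gateway multipath route that picks the next hop round-robin on each cache miss, a connection that switches to the Minimize Delay TOS value (0x10) partway through, and constructed addresses and gateway names.

```python
from itertools import cycle

IPTOS_LOWDELAY = 0x10  # "Minimize Delay" TOS value

class RouteCache:
    """Toy route cache in front of a multipath route (hypothetical model)."""

    def __init__(self, gateways, key_fields):
        # Assumption: a cache miss takes the next gateway in round-robin order.
        self._next_hop = cycle(gateways)
        self._key_fields = key_fields
        self._cache = {}

    def lookup(self, src, dst, tos):
        packet = {"src": src, "dst": dst, "tos": tos}
        key = tuple(packet[f] for f in self._key_fields)
        if key not in self._cache:
            # New key: the multipath decision is made again.
            self._cache[key] = next(self._next_hop)
        return self._cache[key]

def gateways_used(cache, src, dst, tos_sequence):
    """Gateway chosen for each packet of one connection, in order."""
    return [cache.lookup(src, dst, tos) for tos in tos_sequence]

# Constructed sample flows: per-packet TOS values of a single connection.
CONSTANT_TOS = [0x00, 0x00, 0x00, 0x00]
CHANGING_TOS = [0x00, 0x00, IPTOS_LOWDELAY, IPTOS_LOWDELAY]

def demo():
    """Compare a cache keyed on the triple with one keyed on (src, dst) only."""
    results = {}
    for fields in (("src", "dst", "tos"), ("src", "dst")):
        for name, flow in (("constant", CONSTANT_TOS), ("changing", CHANGING_TOS)):
            cache = RouteCache(["gw1", "gw2"], fields)  # fresh cache per run
            results[(fields, name)] = gateways_used(
                cache, "10.0.0.5", "192.0.2.7", flow)
    return results

if __name__ == "__main__":
    for (fields, name), path in demo().items():
        print(f"key={fields} tos={name}: {path}")
```

With the triple as the key, the connection whose TOS changes is handed to the second gateway mid-stream, while a cache keyed on source and destination alone would keep it on one gateway.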