On Fri, 2002-11-22 at 05:26, Vincent Jaussaud wrote: > On Fri, 2002-11-22 at 13:39, Andreas Hasenack wrote: > > - the internal network would probably do many downloads, and not uploads > > > > - the web server doesn't originate traffic, it responds to requests from > > the outside world, and it will respond using the same link the request > > came in (or not?) > > > No, replies packet will hit the multipath route, and thus may not take > the same link to come back. Actually if you create the proper rules, there are gateways defined in a table prior to the multipath. So if the route is know via cache, it will take a known gateway. Otherwise if it is not, it will be compared to each table, and then finally hit the multipath equalize one and go from there. > But in such situation, the sraddr in the replies packets are likely to > be set to the one on which the original request came on. Which will use the rules if defined. They should be there. > In that case, we can add specific routing rules to ensure that the > replies goes back through the right link. Exactly, but you put them before the multipath route so they are looked at and compared to first. > As far as I know, sraddr is likely to be set correctly for TCP servers, > while for UDP servers it may not work as expected. Haven't really seen and problems there. So far from my experience my DNS queries use both TCP and UDP. I have not seen and problems effecting UDP and not TCP. But DNS lookups are quick and short, as most UDP services, so there could be some problems there that are not effecting me in my current scenario. > Also, if our ISPs don't do rp_filtering, then we don't care what link is > beeing used for the replies, as soon as the saddr is correct. Not sure here, I never got into that aspect. I just assumed they did do rp filtering. I played with turing rp filtering on in the Linux router, but in the end left it on or what ever the default is. -- Sincerely, William L. Thomson Jr. Support Group Obsidian-Studios Inc. 439 Amber Way Petaluma, Ca. 94952 Phone 707.766.9509 Fax 707.766.8989 http://www.obsidian-studios.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
