What if you used some iptables rules to DENY packets from eth0 with destination ip address 172.16.1.100? I'm thinking you might have to put in the rules in the OUTPUT table and catch them on the way out from 192.168.1.100. No clue whether or not that will work, but worth a try. - Greg -----Original Message----- From: David Purves [mailto:davidpurves@xxxxxxxxxxxxxx] Sent: Friday, December 07, 2001 3:39 PM To: lartc@xxxxxxxxxxxxxxx Subject: [LARTC] Forcing an "external" route Here is as wacky a situation as you might find... Given a linux box with two ethernet cards: eth0 at ip 192.168.100 eth1 at ip 172.16.1.100, and an internet "appliance" with two ethernet ports: p0 at ip 192.168.1.101 p1 at ip 172.16.1.1, I want to force packets from eth0 <--> eth1 to take the path eth0 <--> p0 <--> p1<-->eth1. What I have here is an appliance that I want to run some throughput tests. The cables are set up eth0 <--> p0 and p1<-->eth1 and work (pings work just fine).... no matter what I try, the kernel is too smart for me :-) , and it routes internally (inside the linux box) instead of entering the outside world. Any ideas? David Purves _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/