Hello, On Thu, 20 Mar 2003, Gordan Bobic wrote: > The setup: > > "Home brewed" v2.2.24 (will patch to v2.2.25 later today) with the DS8 patch > applied. Currently downloading the DS9/rbtree/htb3 patches to be applied > later (obviously, unpatching the old DS8 first), and see if at least some of > my problems go away. Yes, DS-8 has many problems including security ones. The only problem is that I still didn't upgraded the patches to 2.2.25, may be in the next days I'll find time to do so. > Multiple cable/DSL lines with multiple default routes and equal cost > multipath. I strongly recommend the route patches in such case: http://www.ssi.bg/~ja/#routes-2.2 http://www.ssi.bg/~ja/routes-2.2.20-7.diff > When applying ingres shaping (policing filter) all executes fine without > reporting any errors, but > > tc -s -d qdisc show dev eth1 > and > tc -s -d filter show dev eth1 DS9 has fixes for the ingress stats > Can anyone hazard a guess as to why this is not doing what it should be? Is > this a know bug in DS8 and DS9 will fix it? I will try it anyway, just to > make sure, but some encouraging news would be nice. :-) Yes, yes, I'll add it to the changelog > 2) ipmasqadm portfw unstable/unreliable > > I have tried to use this approach to forward ports from the firewall to an > internal server. It works OK initially, but within minutes, things start > going wrong. Some connections get through on one interface but not the other. > Later, connections from the same host will work on a different interface, but > not the one it worked on initially. Such problems should be solved from the "routes" patches, they will keep each traffic through its ISP. Read nano.txt from http://www.ssi.bg/~ja/#routes It is for 2.4 but the concept and the routing rules are same. > TIA. > > Gordan Regards -- Julian Anastasov <ja@xxxxxx>
